General discussion

  • Creator
    Topic
  • #2185464

    Hackers, crackers, etc. – treated like heros?

    Locked

    by peter spande ·

    IT professionals are fascinated by hackers, crackers, etc. On the one hand, this is interesting coding. On the other hand it makes so many people’s work more difficult, takes away from the time people can devote on other aspects of their work. Are we fueling the fire or just getting to understand the enemy? Is this IT’s version of the Sopranos?

All Comments

  • Author
    Replies
    • #3066540

      they do get treated well….

      by wawadave ·

      In reply to Hackers, crackers, etc. – treated like heros?

      theey do seem to get treated well perhapps this is for the wrong reasons.

      • #3068459

        Catch me if you can!!!!

        by kevaburg ·

        In reply to they do get treated well….

        Ever seen the film? We have a lot to learn from these people. Wrong-doers should be punished severely but those that want to genuinely reform should be welcomed into our community with open arms. What better way to protect against unethical hackers than to have an ethical hacker on your side?

        • #3067318

          Hero/Villain = Love/Hate = Fine Line

          by justame@work ·

          In reply to Catch me if you can!!!!

          This particular topic is ammusing at best. Hackers, crackers, avwriters, phreaks, etc are no more heros that they are villians. Nore are they any worse / more acceptable that govenrment agents, either our side or theirs (which ever our/their side might be for any of us). Think of them as some would a layers. . . an evil, nescessity.

          The term “hacker” has lost its original meaning over the years (at least in the technology world). Now days, there are some many people that are dropped into the catagory of hackers, despite the fact that they have only a remedial understanding of technology let alone can only dream of coding in assembly.

          If not for hackers, hundreds of thousands of bugs and whole would exist in every piece of software. We could debate the concept that “if there were no hackers to uncover the exploits, we would never need to patch them”. This is true, but at some point someone would discover it. Now, here is something for the security community to think about:

          Which weould you rather have”
          1-A number of unknowledgable scriddies attempting to attack your environment, using methods that were discoverd as the result of some hacker posting the vulnerbility to Bugtraq
          2-Insecure code in your environment, which is never discovered because its never been tested/investigated/hacked/counter engireered?

          Being in the security arena (you guess which hat), it is not what you see that you need to be most concerend with, but that which you do not see.

          I say allow the hackers to continue. Allow them to test the waters. Are they making things more difficult for us? Sure, but like I tell my kid: The only way you get better it to be challanged. The same applied with the Infosec arena

        • #3067274

          hackers waste time

          by avid ·

          In reply to Hero/Villain = Love/Hate = Fine Line

          the time we spend fighting hackers could be put into developement a new technology instead of being wasted on better security. your argument points to you being a hacker, so i can see why you defend their point of view. and if you are a white hat, then the black hats are providing you with employment. so i know where you are coming from. but i must disagree that hackers are important or neccesary. they are breaking the law in most cases and most are unethical. i would rather spend my time building new technology rather than spend it finding new ways to keep these useless piles of sh@!, that we call hackers, from breaking old technology. maybe we in the PROFESSIONAL world should come up with new terms for them that is more fitting, like thieves and cowards. this may stop our youth from wanting to follow in the foot steps of these criminals.

        • #3067245

          well…

          by 0troy ·

          In reply to hackers waste time

          New technology is constantly being created. And certain vendors are doing just what you suggest, Making new technology instead of fixing old technology. For example, no longer does microsoft support versions of windows before NT (2000 is soon to join those ranks). If “new technology” is so much better, why are there the same problems with it?

          Developers need to learn from their mistakes before making new ones.

        • #3067801

          Re:hackers waste time

          by nishanthnair ·

          In reply to hackers waste time

          “the time we spend fighting hackers could be put into developement a new technology instead of being wasted on better security. ”

          This suggestion is like saying disposing US army and missiles and use those money to feed the poor … 🙂 As we all know this cannot happen bcoz we must be prepared for a security breach….Same is the case with computers..
          For a bank , it is worht the amount spending in fighting hackers than to find accounts hacked one fine day morning ..

        • #3067695

          apples and oranges

          by avid ·

          In reply to Re:hackers waste time

          I do get your point, but you can’t really make compare the two. i know that we will never be a eutopian society where everyone is more concerned with doing what is right instead of doing what they want, but we need to develope better and harsher laws to govern the consequences of hacking and similar crimes. I contract out to several banks. we recently went through a FDIC security audit and had to make some more changes. these changes were very expensive and time consuming. most of the changes were really not necessary but had to be in place because of employees that might be potetial hackers. i know most of these employees personally. not a single employee their has the slightest understanding of hacking. this, and many others, are examples of the paranoia and expense created by hackers. i know they will always be with us, but i think there would be fewer of them and also that they would choose their targets better, if we lumped them all into the same category, both legally and ethically, and gave them very stiff punishments.

        • #3067749

          you might be right but who is to blame

          by catfish182 ·

          In reply to hackers waste time

          You do bring up some good points. They are breaking the law. Regardless how you look at it it is a criminal act. BUT is it really anyone here who makes hackers out to be more then what they are. I think its 2 things, the media and the internet. I say its the media due to the reports you hear glamerizes the lone person doing all those bad things to such a big company. Most people love to hear of a big rich company getting the stick. thats what hackers do. I say the internet because they go there to meet others because they cant go anywhere else. Most of these ‘hackers’ are kids looking for a way into the IT world. (i say kids even though im only 33)Though hacking they have a direct portal to tech and they can use it. No one is telling them “no you dont know how to use it” they have free reign. Imagine you can go to 2 stores both which hold your favorite things. One store says “you can look but dont touch” while the other store says “play with it, work with it, do what you want”. Which one would you go into? What we as IT (IS, whatever it is) need to do is be aware of people that are interested and try to help them in some way. Also if your reading this and saying “O he is a hacker, i know it” well 2 things…. 1 no im not. 2 thats the atitude that is making people act like that.

        • #3067598

          only the ones without real knowledge care to put others down

          by dgenerous1 ·

          In reply to hackers waste time

          point blank im a hacker, that doesnt mean i go out of my way to hurt other people, but it does mean i know tat others dont like me because i have skills they could never have. Some of the best programers in the world right now are hackers. they take some peice of software that there using and break-it so they can get to know it better and maybe fix anything that amy be wrong….need i remind you about the win98se login security??? i think not, but it was hackers that cased it to be changed, not the corprate world. Calling us theives and criminals, well there are some whom get that god complex and need to be dealt with, but the rest of us who do the world good by posting our finds on bugtraq and give aid to companies like maccaffe and symantec should not be kept in the same pile as the bad eggs. yes i defend my brethren, but we also punish ourselves too. Keep in mind that the common viruses thats let loose is because someone isnt listening to us and then after the talking doesnt work proof needs to be seen, but of course any scriptkiddie could make a terrible virus from just cobbling someone elses droping worm and a system format command. oh yeah, the professional world means anyone who is paid for their sevices and i get paid to check others security…form the outside.

        • #3066842

          God complex?

          by richard.lutes ·

          In reply to only the ones without real knowledge care to put others down

          Look in the mirror

        • #3066779

          too much ego kid

          by avid ·

          In reply to only the ones without real knowledge care to put others down

          you need to check your ego. if you are not breaking the law then it is okay. if you are you are a criminal, a petty one at that. i have more respect for criminals who actually put themselves in harms way. hackers are cowards who think they are smarter than the rest of the world. this kind of delusional thinking is infecting the other kids who could have a meaningful career in the Professional IT Arena. your post exhibits the very flaws you speak against in your post. “point blank im a hacker, that doesnt mean i go out of my way to hurt other people, but it does mean i know tat others dont like me because i have skills they could never have.” what makes you think that just because we have chosen to ply our trade legally that you are smarter than the rest of us. everybody gets caught sooner or later. in most cases they get caught by too much bragging. so, check your ego.

        • #3066690

          fear hate and pitchforks

          by 0troy ·

          In reply to too much ego kid

          Hey, lets all be afraid of things we don’t understand! And then, when someone tries to help us understand them, we’ll ignore them, and call them names!

          Don’t even bother trying to explain to them. Some people will never understand.

        • #3068200

          re: fear hate and pitchforks

          by avid ·

          In reply to too much ego kid

          don’t confuse fear with disgust.

        • #3067968

          Why not use your skills in a more productive fashion?

          by charliespencer ·

          In reply to only the ones without real knowledge care to put others down

          Assuming what you say is true, and you truly believe what you say about providing a benefit, why aren’t you using your skills through legal methods, such as employment with an AV or security firm? Why check security from the outside for free when you could be doing it from the inside for pay?

          Just wondering.

        • #3067939

          Of course

          by 0troy ·

          In reply to Why not use your skills in a more productive fashion?

          Of course hackers work for security firms. I’d wager you know at least one hacker. We don’t just sit at home and think of stuff to do. We’re productive members of the technology community just as you are.

          As for productivity, Linux is an entire operating system that was made entirely by hackers and is free to anyone to contribute.

        • #3056494

          I was hoping for a reply from dgenerous1

          by charliespencer ·

          In reply to Why not use your skills in a more productive fashion?

          oTroy, I apologies for not making it clear that my comment was aimed at dgenerous1. He’s the one making a case for benefiting society from outside the law.

        • #3056281

          re: dgenerous1 post

          by lesko ·

          In reply to Why not use your skills in a more productive fashion?

          I think you missed the part about him getting paid to test security from the outside. My company (a government owned corporation) hire firms/individual consultants to hack us from the outside quite frequently. They hack us, they write a report and we pay them.

          I think this is what dgenerous1 is in to … he’s a hacker my company needs people like him .. nothing bad with that

        • #3056234

          Lesko, thanks

          by charliespencer ·

          In reply to Why not use your skills in a more productive fashion?

          I did miss that part.

          I don’t know if I’d hire someone who presents themselves in such an unprofessional fashion. Maybe he comes off better in person, or maybe he’s the “talent” and has a partner who handles customer relations.

        • #3067809

          I agree

          by el_nene_4_u ·

          In reply to Hero/Villain = Love/Hate = Fine Line

          Actuallly, I have the same kind of debate with my students every single day of the course, or at least every week. I completelly agree with you, let them do what they do best, test our code and our systems and tell us, the programmers and IT staff, what to do and what not to do with our applications. I prefer to have a well debugged app rather than a feeble one. On the other hand, I prefer the old meaning of the word hacker for the good guys, and to leave the bad stuff for the crackers, cyber-terrorists, or whatever yuou like to call the bad guys.

        • #3067313

          hackers crackers a “necessity?”

          by chucklereed ·

          In reply to Catch me if you can!!!!

          to call purveyors of malware a necessity to point out sucurity weaknesses is like saying murderers are necessary to show how people may be slayed

        • #3056047

          from an engineering P.O.W…

          by spitfed ·

          In reply to hackers crackers a “necessity?”

          is like saying that we need vandals to test the structural limits of our Skysrapers / Brigdes / etc…

          Unfortunately hackers are here to stay, are needed in the IT sectors that they ironically helped create, and are now therefore a necessary discomfort.

        • #3067873

          Low Grade Hachers

          by dcollins1 ·

          In reply to Catch me if you can!!!!

          Any first year grad can design a virus but do they also know how much damage they cause by there program

        • #3067787

          Script Kiddies?

          by techrepublic ·

          In reply to Low Grade Hachers

          Did anyone say that yet?

      • #3068423

        The “Dark Side” of Software Development

        by amsoft1993 ·

        In reply to they do get treated well….

        As a software developer now network security specialist, I think the facination (worship) of hackers / crackers from IT pros is limited to those in the field who know very little about software development an computer programming. I have seen cracker code, and believe me, most of it is poorly designed and is full of bugs, but if the ultimate purpose is to destabilize a computer or network, it’s more than sufficient. It should be required for Administrators to at least have a fundamental understanding of programming, OS APIs and how to programatically access the TCPIP protocol stack.

        • #3067541

          A little knowledge please.

          by andeanderson ·

          In reply to The “Dark Side” of Software Development

          You are correct in saying Administrators should have a fundamental understanding of programming to counter the hackers/crackers.

          I, for one, do not have the luxury to spend too much time, or resources, re-learning basic programming to battle hackers/crackers and elected to take a “Certified” course called “Certified Ethical Hacker” which was advertised to prepare corporations to defend against hackers/crackers.

          I left the class entertained by some of the stories and by a classroom network that got hit by a virus just after the Instructor finished bragging about how he had never used an Anti-Virus program and had never been infected.

          After getting the server reloaded, half of the programs we were supposed to learn about would not work, it was a mix of Windows and Linux, so we were told to find them on the Internet and study them at home on our own.

          I found I had learned more about protecting my network on my own than what this so-called “Certified” class taught me. Maybe they should have hired a real Hacker to teach the course instead of just a Book-Educated “Expert.”

        • #3067253

          Gah, awful class

          by jmgarvin ·

          In reply to A little knowledge please.

          Typically not only do I teach how to be a script kiddie (using the available tools and such), but I also push for programmatic understanding (buffer overflows are a great start).

          It is a hard road and a short course probably can’t teach you what you need to know.

          My suggestion: If you want to learn how to hack, get the tools, get the programming knowledge, and get the deconstruction attitude.

          Keep in mind, some people just aren’t hackers. They don’t think that way or function at all like that. Some people tread a fine line between being a good guy and a bad guy…and some people can’t help but cause trouble.

        • #3067246

          Well posted.

          by 0troy ·

          In reply to Gah, awful class

          I’ve always been of the mind that one is innately a hacker. They have an innate interest in technology and computers, and a serious case of curiosity.

          You may start as an tech, but if you nurture your curiosity, you will evolve into a hacker.

          It can be taught, but it may just leave you more confused.

        • #3067577

          it can and is taught

          by dgenerous1 ·

          In reply to Well posted.

          true the best hackers are the innate ones but it is not to say that some of the ones out there are just “book” learned kids that want to see how far they can go before they get caught. Curiosity helps but the drive to learn more and a mind that can see how things work dynamicly are the only true prerequisites. and for a definition hacker: (Originally, someone who makes furniture with an axe)
          1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum
          necessary.

          2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.

          3. A person capable of appreciating hack value.

          4. A person who is good at programming quickly.

          5. An expert at a particular program, or one who frequently does work using it or on it; as in “a Unix hacker”.

          6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.

          7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.
          “taken from dictionary.com”
          with this in mind please refrain from calling the worst of us hackers rather call them as they are: crackers: those whom use there talents to gain illeagal access to others systems, scriptkiddies: those whom use others programs to gain the same efforts as a cracker but dont understand how it worked( imo is the worse out there), and remember next time u download your next anti-virus update it was created by a hacker.

        • #3067563

          Agreed, but it has been my experience that…

          by jmgarvin ·

          In reply to it can and is taught

          Those who WANT to be hackers will be hackers, but some just can’t get the attitude. I’m not sure what that mythical attitude is, but it seems some people REALLY WANT to be a hacker, but just can’t get the mindset.

          Let me explain:
          Let’s say there are two students. One who is already of the hacking mindset and one willing to learn. The hacking mindset student will pick up everything pretty quickly, but need some pushes and deep explanation as things get more complicated. The other student gets stuck with your point 1 (they just can’t grasp how to push the system), point 4 (they are too “real” to whip out fast and dirty code), or 7 (they can’t quite “find” the limitations).

          I found out I loved hacking when I accidentally wrote a “macro” (what were those damn things called???) that brought a friends bbs to its knees. After that, the love affair started.

          Some people just aren’t built to be hackers. They either are too anal about their coding or just can’t see how to push the system to the limits.

        • #3056231

          you left out a few

          by avid ·

          In reply to it can and is taught

          1 One who uses programming skills to gain illegal access to a computer network or file
          2 a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism [syn: cyber-terrorist, cyberpunk]
          3 (Deprecated) A malicious meddler who tries to discover
          sensitive information by poking around. Hence “password
          hacker”, “network hacker”. The correct term is cracker.

          not to impune your definitions. i saw them on the same them on the same website that i got these. i only posted these to show how varied the defintions can be. we inthe IT community need to provide more definative terms to the general public so there will be less confusion. after that there will be less ridicule.
          i do believe that the original post was referring to the malicious hacker instead of the law abiding hacker.

        • #3056055

          to: jmgarvin and avid

          by apotheon ·

          In reply to it can and is taught

          [b]jmgarvin:[/b] I’ve come to the conclusion, having dealt with a lot of hackers and wannabe-hackers, that you can’t ever really become a true hacker as long as that’s your goal. A hacker isn’t someone that wants to “be a hacker”. Rather, a hacker, in the purest sense of the term, is just someone that loves to hack. To be a hacker, you do not try: you simply be. People can go from wannabe to true hacker, but it tends to involve a shift from trying to simply doing. That’s where the real line of demarcation seems to exist, and it explains the manner in which real hackers tend to look upon wannabe-hackers — perhaps a little fondly, but with a certain dismissive attitude. This, of course, is because the real hackers have realized that the label is superfluous, and the really important thing is the code.

          [b]avid:[/b] The “hackers are crackers” definitions you’ve provided are corruptions of the terms, and not proper definitinos. Contribute to clarity and accuracy by refraining from using, supporting, propagating, or accepting those definitions as valid, please. I’m sure the original hackers, mainframe jockeys who were also members of a model railroad club together, would thank you for defending their good name.

        • #3053927

          re: Apotheon

          by jmgarvin ·

          In reply to it can and is taught

          Yes! You are correct. I didn’t know quite how to phrase it, but you nailed it.

          Too many people think they are hackers when in fact that have very little idea of how to get into the system and uh…break things 😉

          Ok, so *I* mostly break things… 😉

        • #3053980

          Buffer overflows, shold be avoided

          by gunnar klevedal ·

          In reply to Gah, awful class

          Programming education

          For educational purposes I suggest a language with strong type control. You should also be forced to declare all your variables explicitly.

          The rules for scope of variables, functions and procedures should be clear. It should also be clear what happens when you pass a variable by reference or by value.

          Some languages permit you to put a lot of functionality into one line, but I suggest you be a bit more verbose. Type conversions should be out of bounds the first months. The same goes for variant types.

          OOP, Object Oriented Programming, is an option only, and I suggest you leave objects and inheritance et cetera out in the beginning

          I guess Buffer Overflows are more common in C than in Pascal.

          If your code is not self-documenting, do add comments.

          Tribute goes to Niklaus Wirth and Borland Corporation.

          Regards

          Gunnar Klevedal

        • #3065231

          Should be, but aren’t

          by jmgarvin ·

          In reply to Buffer overflows, shold be avoided

          I agree. I think Pascal should be the first language any student learns. Not only is it strongly typed, but it is clear and pretty easy to pick up. C is a little harder (by nature) to pick up and play with. Plus C lets you shoot yourself in the foot without a care in the world. I also have a problem with students following Null Pointers into terror incognito. It seems to be an introductory programmer thing. I explain to them following a null pointer is an exersise in insanity, but it typically falls on deaf ears 😉

          Buffer overflows are VERY common. I don’t know what the deal is, but it seems there are either some very messy programmers out there or in some cases they are unavoidable.

          What OOP do you like the best? I’ve been getting more into C# and Java and away from C++ (for the beginner). What do you think?

        • #3065190

          OOP languages

          by apotheon ·

          In reply to Should be, but aren’t

          Considering the limited capabilities of VM-based languages like Java and anything .NET, I’m constantly surprised at the popularity of the languages for everything from server applications to beginner programming education. In some ways, they’re slick languages that might make learning programming seem “easy”, but ultimately I think they do the student a disservice.

          For teaching object oriented programming to the beginner, I’d recommend something compiled or interpreted (or some reasonable facsimile thereof), rather than a bytecode/VM language, which combines the worst aspects of both. If your students are already competent procedural programmers, you might think about going with Ruby as an introduction of OOP. It really throws the programmer into the deep end of object oriented methodolgy, but does so without being difficult or obscure. It also allows you to focus on OOP techniques, without having to learn a whole bunch of wacky stuff specific to the language and difficult to grasp.

          If you are looking to teach OOP to C programmers, either C++ or Objective C will do. C++ is probably actually not the best language in the world for teaching OOP, but it’s prevalent enough that you’re at least giving your students something useful in terms of language familiarity, and it was one of the earlier OOP languages. Objective C is a far better language, in and of itself, for teaching OOP, but some might object to it based on its relative lack of popularity. I’d definitely be inclined to push for ObjC over C++, but department heads at universities are highly unlikely to support that decision.

          If your students are primarily familiar with Pascal, there’s no choice better for teaching OOP to them than migrating to Object Pascal (aka Delphi, the name of the common Borland IDE for Object Pascal). Object Pascal is also available for other platforms than those on which Delphi will run: Kylix and Free Pascal are two tools for working with Object Pascal on Linux, for instance. Kylix comes from the same place as Delphi (Borland), and provides Linux-platform Object Pascal and C++ development that can be Windows cross-platform compatible. Free Pascal is an open source compiler, set of runtime libraries, and pile of extensions for more hackish programmers that prefer the nitty gritty of programming in a text editor and compiling at the command line (or who just don’t want to spend money on a “superfluous” bunch of software like an IDE).

          Frankly, I’d be inclined to choose Ruby, Objective C, and Object Pascal as the necessary beginning languages for the first two years of schooling in programming, if I was running a CS department somewhere. None of them is anywhere near as popular as C++ or Java, but they’re much better suited to education, having fun with programming, and developing good code. They’re also all available for free, with no restrictions on use, and provide a simple way to eventually get into the advanced matters of programming since they all have open source compilers/interpreters available and easily accessible.

          In terms of further programming instruction, there are also a few other languages to consider:

          Perl is a must-have for anyone doing system administration on unix/Linux platforms. If you’re teaching unix/Linux, you should be teaching Perl. Period.

          C is important for all the obvious reasons. It also provides a lead-in to Objective C in the same way that Pascal does for Object Pascal. C++ isn’t as much a natural follow-on from C as you might think, and if you want a clear migration path I’d recommend C to Objective C any day of the week.

          Can’t forget Lisp. While I haven’t really worked with any variant of Lisp much (only touched, very lightly, on Scheme), it seems to be the clear winner for teaching fundamental programming theory by way of practical skill instruction.

        • #3065056

          OOPs and object libraries, Ain’t got any

          by gunnar klevedal ·

          In reply to Should be, but aren’t

          OOPs and object libraries, Ain’t got any

          I have been programming for school, hobby and leisure. Most often it has been for fun. All code has been different, so I have had no use for reusable objects or DLLs.

          When Borland releases DELPHI 1.0 as freeware, I will get it and use it.

          Regards
          Gunnar Klevedal

    • #3068237

      Can’t respect Hackers

      by aaron a baker ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I have absolutely no respect or regard for hackers.
      why go into someone’s else’s source code if not to figure it out and possibly make changes? Why the bother? I believe that there are two types of Hackers out there. Hacker A, being the letch that goes into a program and alters it to function for his/her own nefarious purpose. Hacker B, “Not acknowledged” is the person who goes into a source to learn and. These would never dream of inflicting discomfort on the Computing world and so for the most part remain unrecognized. These I can respect and even admire. WE all want to learn and in this business, it doesn’t take very long for one to get left behind so you always have to be on the lookout for what you might have missed. But these are the “Good” hackers. As for the Other vermin out there, I still believe that a very stiff Jail sentence,instead of a pat on the back would go a long way towards reducing their numbers. AS it is now, some of us are actually stupid enough to hire them, under the false impression that” While they are on our side they won’t affect us”, How absurd. Hackers A, are vermin who couldn’t come up with the required credentials for an honest position so they resort to attention getting by disruption thereby costing us Millions in untold damages.
      Not to mention what we have to go through. It’s pretty hard to have anything but disdain and disgust for these B types.
      Problem is, How do we tell them apart?
      And so it goes.
      Regards
      Aaron A Baker

      • #3068461

        All confused!!!

        by kevaburg ·

        In reply to Can’t respect Hackers

        On one hand you say you have no respect for hackers. On the second hand you say you respect and even admire other hackers that “want to learn”. If they want to learn, read a book!

        To say that you have no respect for, I presume, unethical hackers, is a very dangerous position to take. These people probably have a better working knowledge of our networks than we do. They have to in order to do the job they do.

        As hacking of any description is illegal (unless governed by specific contracts for penetration testing) the view I get of your opinion is that this illegal activity is OK for the chosen few on your list.

        • #3068425

          Shape Up Or Ship Out

          by semmyd ·

          In reply to All confused!!!

          Love them or hate them they have directly affected our work as network and systems admins. We have to catch up fast and we have to learn what they know otherwise we are going to be found with egg on our faces all the time. Whether you like it or not security has become a critical area for a lot of organisations. Companies now want to hire SysAdmins who have a working knowledge and are consious of security. Its a shape up or ship out scenario. What better way to learn about protecting your network than to hack it yourself!

          Changing times!! I have found the SANS curriculum to be quite educative in this respect all though very pricy.

        • #3068424

          hacking is not illegal

          by jez ·

          In reply to All confused!!!

          To kevaburg …. hacking itself is not illegal. Unauthorised access to a system or data is the illegal part.

          If it wasnt for hacking ( the good kind ) there would be no linux.

          You need these people bad and good to keep us on our toes in making secure systems and keep us up to date with their depth of knowledge.

          This is not a black and white argument.

        • #3068413

          I agree but…..

          by kevaburg ·

          In reply to hacking is not illegal

          Surely if a hacker has gained access to a system that the person does not belong in, that is illegal? To that end, I agree entirely with ethical hacking to determine a networks strengths and weaknesses but these projects have to have very clearly defined goals and restrictions to prevent this turning from a gain to a loss.

          Hackers certainly do keep us on our toes, but there is a difference between that and willfully destroying or exposing sensitive data.

          You are right: There is no black and white but at which point do we draw the line?

        • #3067565

          without hackers

          by dgenerous1 ·

          In reply to hacking is not illegal

          without hackers bill gates would have never found the beginings to windows, apple would never have got going, mit unix, berkley unix aix and dread to say spac os could not exist.hackers do so much good and then take all the brunt for anything that goes bad. To tell the truth, if you have ever been to a proper collage or university computer networking course then you probly listend to a hacker for say 120hrs or so and never knew any diferent. i agree that the ones who purposley cause mischief should be dealt with severly but that cant happen as long as the ones who get caught doing illeagel stuff are the ones getting hired by the big companies.

        • #3068418

          are we illegal !!)

          by amyousso ·

          In reply to All confused!!!

          As systems & network admins, we need to learn the techniques the hackers use, to protect our systems and sometimes save us time.

          For example this weekend we had no way to work around a lost admin password in one of our main WinNT servers.

          We had to work all the weekend on that. But thanks to some website that gives hacking tips, we could easily access the SAM (Database that hold users and pwds) delete it, booted with a blank admin password and restored our system. (so, are we illegal !!)

          I would like to describe hackers as opposition parties in a democratic country.

          When there is opposition parties, the ruling party can better watch out before making decisions.

          So, let us better protect our systems and let hacker enjoy their hobby.

        • #3068411

          Bit of a difference I think!

          by kevaburg ·

          In reply to are we illegal !!)

          I think there is a difference between accessing legitimate resources on your own network and accessing resources that you shouldn’t on another. If it wasn’t for that point and the problem you described, all password recovery software, port-scanning tools and the such-like would be illegal to purchase.

          I think the keywords are “authorised” and “unauthorised” access and how the terms are defined by a companies IT Security Policy.

        • #3067557

          access

          by dgenerous1 ·

          In reply to Bit of a difference I think!

          if it was a point of athorization then all one would have to do is submit a notice of intent to a company and if they dont directly tell you not to then you could assume athority and access their systems. beyond that it becomes grey because you need proof that you were there and its always easier to copy a file then to plant one(one that they can delete to say you were never in the system) and then again they could also have you arrested for tampering in vital information( that consequently does not have to be prooven in court) and since 9/11 im sure were all on the lists of people who know too much just because were in it/is and not there back pockets

        • #3066763

          GROW UP

          by avid ·

          In reply to access

          you have watched too many hacker movies. obviously ou know nothing about the law. “if it was a point of athorization then all one would have to do is submit a notice of intent to a company and if they dont directly tell you not to then you could assume athority and access their systems.” what the hell. are you going to write a letter to some one and, if they don’t answer, assume that you have their permission to access the systems ? how old are you anyway? you sound like you are about 14. am i close ? do you really think that the government gives a rats a$$ about some little kid. do you seriuosly think that your name is anywhere on a government list of people who “know too much”? this is the real world and as bad as it may bruise your little ego, no one in the government even cares who you are. you just are not that important.

        • #3068417

          are we illegal !!

          by amyousso ·

          In reply to All confused!!!

          As systems & network admins, we need to learn the techniques the hackers use, to protect our systems and sometimes save us time.

          For example this weekend we had no way to work around a lost admin password in one of our main WinNT servers.

          We had to work all the weekend on that. But thanks to some website that gives hacking tips, we could easily access the SAM (Database that hold users and pwds) delete it, booted with a blank admin password and restored our system. (so, are we illegal !!)

          I would like to describe hackers as opposition parties in a democratic country.

          When there is opposition parties, the ruling party can better watch out before making decisions.

          So, let us better protect our systems and let hacker enjoy their hobby.

        • #3068412

          Your kidding?1

          by rlutes ·

          In reply to are we illegal !!

          Why didnt you do what every other windows admin does. Start loading windows and restore the currently installed version.

          Apparently you havent had to budget for or tell your stockholders WHY? some clown broke into your network.

        • #3067503

          Read a book?

          by theundertaker ·

          In reply to All confused!!!

          Interesting perspective… But I have a question: How are books written? By people who have done “something” and want to share their findings (or want to capitalize on a current trend by merely re-stating what hundreds of others have previously stated, but that is another rant). Even in college, when we “read a book” isn’t that followed by lecture and then some sort of examination to test the subject matter of the reader?
          Now before you fire off with some foolishness, allow me to expound. I do NOT advocate any illegal activity, but there are ways to learn that are legal and ethical (VMWare, networking with others, sharing environments, etc). As with open source software, having many eyes looking at a problem will result in new problems, followed by new and creative solutions.
          Breaking into systems is trivial, and defacing web sites is foolish. The really “fun” aspect is in defending your site against the ones that choose the “wrong” side. Playing the game 7×24 and keeping things secure while pitting your intelligence against the collective brainpower of the rest of the planet, now THAT is a rush (and the true test of one’s skills). This is a task that gains (and deserves) others respect.
          Please remember that the essence of hacking is looking for and gaining knowledge, not breaking into systems or releasing malicious worms/viruses.

        • #3067421

          hacking

          by simplyshaman ·

          In reply to All confused!!!

          ok first off.. kev.. he’s got a point… those who take a look but don’t cause harm.. only help the it community… most of the time what the “true” hackers ,or that which was originally known as white hat, are about is to help other programmers tighten security by leaving little notes in a system they’ve penetrated… the human capacity to learn is absolutely profound… and there is only so much that can be found in a book… but as far as hiring so called hackers when put in regard to these malware coders out there… they’re not hackers.. not in the original sense of the term.. but they do serve a purpose… they help to debug our systems by showing us where our programming and security flaws are… yea i’d hire them… but they would be watched…

        • #3067273

          crazy

          by avid ·

          In reply to hacking

          so if i break into your house, rummage through you closets, maybe open your safe, take a peek at you wife she is showering, it is O.K. as long as i put everything back where i found it ?

        • #3067301

          I misunderstated intent of idea

          by aaron a baker ·

          In reply to All confused!!!

          misunderstated my intent. What I can and do admire about “Some People” is that they are willing to into a program to “Learn”. I can’t think of another name for it as it could easily be thought of as hacking. Once your in, you’ve hacked, that’s the bottom line. So what’s the difference, the difference is the reason for the act. I respect anybody to tries to better him/herself. This is not the same as hacking for the purpose of altering and /or causing malfeasance.
          I have on many occasion gone into a program, “To Learn” and I’ve learned a lot. That doesn’t make me a hacker, ” I don’t change a single thing. It make’s me a person who is learning. Not all of us had the luxury, not matter how earned of going to a school to be taught and had to learn on our own. So it was with me and I’ve been learning since 1985. Allow me then to restate, there is a vast difference between the person who want’s to learn and the scum who do everything they can to cause discord/damage and disorder. To me, this widens my”Chosen few” list to much more than might be imagined. As a matter of fact, I never met a Tech who hadn’t gone into someone else’ program, does that make them bad, see my point? We are not all bad, we just want to learn. The trick is, how do you tell us apart?
          Hackers in the true sense of the word are vile and should be treated as such. However I for one refuse to stop learning on the basis that I might be thought of as one of those. There is an awful lot of knowledge out there and we’d be foolish not to take advantage of the learning possibilities.
          And so it goes
          Thanks for the comeback.
          Aaron

        • #3067605

          to learn ??

          by avid ·

          In reply to I misunderstated intent of idea

          there is plenty of open source out there to learn on. it is not necessary to break the law to learn.

        • #3067545

          could you be so narrow

          by dgenerous1 ·

          In reply to I misunderstated intent of idea

          hackers are not vile nor are they all to be deamed such. if anyone could open there eyes and minds for more than a micro then they would see that hackers are not that bad, for such; a mechanic who takes an engine apart and fixes it is a hacker in the true sense of the word. a doctor who opens you up to help your heart keep beating is a hacker by definition, so to clump the bad with the good is not just a missight but a gross atrosity. I open others code to learn, gain ideas or to make a change that will make my life easier, not to cause mischief and malfeasance. does that make me a criminal? or just someone who bears watching? or am i and others like me competion so by not using a title that others can relate you use titles like cerified systems engineer and systems anylist….if you dare to learn more than how to use it then you are by definition a hacker( maybe not one of the elite, hell even im not there myself)

        • #3066861

          is it legal

          by avid ·

          In reply to could you be so narrow

          if you decompile code that has been copywrited and is protected from decompiling by the law or end user agreement and you do not have explicit permission from the owner of the the code, then you are a common criminal. no different than a petty thief. if you have permission, it is an entirely different case. there is no debating it. it is completely black and white.

        • #3066689

          True

          by 0troy ·

          In reply to is it legal

          That is true. It is illegal. But would you rather have Crackers decompiling code, and finding holes, and writing worms… Or Hackers finding the holes, reporting them (and in some cases fixing them).

          Worms are a pain even with the patch to stop them. What about a worm that doesn’t have a patch fix for it?

          Who else is going to find the holes? The vendor??? While they do release updates, they’d prefer their software to be as unblemished as possible. Some don’t have your best interest in mind.

          I say you should have *your* best intrest in mind. And if you can’t check the code yourself for errors that will wind up costing your company money, then you’d better hope someone with good intentions is, because the bad people definately are.

        • #3056350

          issue of ownership

          by avid ·

          In reply to True

          if i own it and you hack it without my permission, no matter what your intentions are, i will still be angry. you can’t steal my jeep and go joy riding and claim you were just making sure it was still safe for me to drive.

        • #3056309

          But why not?

          by ron ·

          In reply to is it legal

          The whole concept of ‘reverse engineering’ being unlawful is so wrong. It should only be unlawful if you are doing it for unlawful reasons.
          In Arizona it is legal to carry a gun, as long as you don’t use it to break any othe laws. The same should apply to ‘reverse engineering’ of software!
          If the original author can’t or won’t make the software safer/more usable, then why can’t we improve it ourselves for our own use?
          If we find a security bug in the process, why can’t we advise the author how to fix it?
          I have done a lot of ‘private patching’ in the past, and never done any harm.
          Am I a Hacker??
          Am I a Bad Person??

        • #3056244

          laws laws laws

          by avid ·

          In reply to But why not?

          because the same laws that are in place to allow someone to carry a gun, protect copywrited code from decompilation. i did not write the law, i simply abide by it. maybe soon there will be an ammendment the these laws and we will be able to purchase software, decompile it, and fix what we want, as long as we do not publish it. until then, it still can land you in jail.

        • #3056112

          Sorry Avid, not in my universe

          by bhunsinger ·

          In reply to is it legal

          If I buy a copy of a program and then take it apart to see what makes it tick, I don’t give a rat’s behind about what some lobbiest snuck into a copyright extension bill. Copyrights have exemptions for educational purposes. There is also an exeption for critical reviews. In fact, there is an entire literay culture called deconstructionalism. It’s not illegal.It’s not even wrong.

          Breaking an enduser agreement? That does not make me a criminal or a thief, it puts me in breach of contract in what used to be called a contract of adhesion. That makes me liable for damages in a civil court. Hmm? What damages for taking apart a program on my machine? Can you spell de mimimus? it means-here’s a dollar- now go away.
          DEconstruting the code to reverse engineer it is, I grant you, a different and more serious matter but that is a copyright infringement only if you distribute or sell the product. That’s what software companies sue each other for instead of calling the cops.
          If I buy a lock, I need to know how hard it is to break into. Am I supposed to trust the salesman who tells me “it’s a good lock, but your not allowed to see how good it is and sign this letter saying we are not responsible for any losses you have because it does work the way I’m telling you it does.” ? I want to know how long it takes for someone to bust into it, and that is done by independent testing.
          As for unauthorized access, Last week I fired up a customer’s laptop in our shop. We do not have a wireless router on our network. Imagine my surprise to see that it was logged into a wireless network. No quetion not so much as mother may I, in. I did not see if I could find a network, but if I had, found thier printer and print a note to them saying just how dumb they are, would I have been wrong? I am not asking about legal here-that is a different thread- but ethics.
          If you leave the door to your house ajar, I knock on it, and it opens, do you want to know?
          Being able to assess the weak points of any structure, digital or physical with an eye to entering or destroying, is a talent/skill. It is how it is exercised. Some people make a fine living imploding buildings to clear land for new construction.
          By the way, I don’t do code, its not my bag

        • #3056093

          Sorry avid, the original post was about ethics

          by ron ·

          In reply to Sorry Avid, not in my universe

          I believe we are talking about ‘ethically right or wrong’ rather than what some law created by ignorant legislators and interpreted by the old farts on the supreme court says is wrong!

          Now, did I do anything ethically wrong?

          And what part of the copyright law did I break without redistributing the programs with my changes?

        • #3056062

          agree but

          by avid ·

          In reply to Sorry Avid, not in my universe

          if my door is open that is one matter. if you bash it in with a sledge hammer and tell me my house is not secure enough, then i have ito question your sanity

        • #3056061

          agree but

          by avid ·

          In reply to Sorry Avid, not in my universe

          if my door is open that is one matter. if you bash it in with a sledge hammer and tell me my house is not secure enough, then i have to question your sanity.

      • #3067369

        Definitions

        by ni70 ·

        In reply to Can’t respect Hackers

        [i][b]HACKER[/b]: A slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s). Among professional programmers, depending on how it used, the term can be either complimentary or derogatory, although it is developing an increasingly derogatory connotation. The pejorative sense of hacker is becoming more prominent largely because the popular press has coopted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. [b]Hackers, themselves, maintain that the proper term for such individuals is cracker.[/b]

        [b]CRACKER[/b]: (1) To break into a computer system. The term was coined in the mid-80s by hackers who wanted to differentiate themselves from individuals whose sole purpose is to sneak through security systems. Whereas crackers sole aim is to break into secure systems, hackers are more interested in gaining knowledge about computer systems and possibly using this knowledge for playful pranks. [b]Although hackers still argue that there’s a big difference between what they do and what crackers do, the mass media has failed to understand the distinction, so the two terms — hack and crack — are often used interchangeably.[/b]

        (2) To copy commercial software illegally by breaking (cracking) the various copy-protection and registration techniques being used.[/i]

        It amazes me that even IT Professionals do not know the difference between hackers & crackers. I’m a computer enthusiast, which by definition makes me a hacker, but in no means makes what I do illegal. I enjoy working with computers and open source software, by [i]hacking[/i] the source code to get it to work the way I want it to work. I just wish people would use the term hacker properly!

        Post edited because some still don’t understand the difference between [i][b]hack[/b] and [b]crack[/b][/i].

        • #3067796

          Right definition of a Hacker Vs Cracker… Finally!

          by el_gazzítò ·

          In reply to Definitions

          That is great. I agree fully. To Hack a program is to go through it step by step and learn how it achieves what it was written to do. Everyone who is tech savvy must have done this at least once.

          Doesn’t matter if the program was written in BASIC, COBOL, C, Assembly or any other language. If you have done this, then you have hacked.

          Also, there really is no better way to learn how to program assembly, than to go through someone elses code. You can learn “All there is to know” from books, and that is great, but there is no better way to learn (for me anyways) than to actually see it in action.

          ??? Hasta Lasag?e !!!

          Gazz.

        • #3067546

          Simple definition

          by kontrolsphreak ·

          In reply to Right definition of a Hacker Vs Cracker… Finally!

          If you’re not creating, building, or making something better you are not a “Hacker”.

          If your sole purpose is to damage or destroy, you are merely an anti-social individual most likely angry that you are unable to create.

          Call those people whatever you like, but NEVER call them “Hackers”.

        • #3047283

          My point exactly.

          by el_gazzítò ·

          In reply to Simple definition

          Crackers are the malicious ones.

          Hackers are the ones who are there to “see how it works” and learn from that.

          ‘asta

          Gazz.

        • #3053976

          What about disassembly?

          by gunnar klevedal ·

          In reply to Right definition of a Hacker Vs Cracker… Finally!

          Many years ago I wished I had a symbolic disassembler. Not today. It is more fun to create your own programmes. There is an abundance of environments for various platforms.

          Tribute goes to John Socha, programmer of Norton Commander , ultimate MS-DOS tool

          Regards
          Gunnar Klevedal

        • #3066889

          im with you

          by dgenerous1 ·

          In reply to Definitions

          i lost several moths of schooling because of people not understanding the differnce in what i do(my highschool took my laptop away several times and could never get into it to prove what i was doing, but caused my other classes to slip cause they had all my work) and what the little shits at the end of the room where trying to do. if people who are in a point of power came to understand the differnce in the two types of people who hack and crack then our life would be simpler and people would have less right to hate us and have more cause to go after those whom need to be caught( i still think the goverment is pushing this confustion of terms)

        • #3066852

          what exactly were you doing

          by avid ·

          In reply to im with you

          what caused them to take your laptop ? were you breaking the acceptable use policy of your high school?

        • #3066838

          geez

          by richard.lutes ·

          In reply to what exactly were you doing

          I think he/she needs to get a grip on reality.

        • #3066688

          Leave him be…

          by 0troy ·

          In reply to geez

          Leave him be, some people just need someone to blame for all the woes of the world.

    • #3068421

      Why hacker…fascination

      by cmurray8 ·

      In reply to Hackers, crackers, etc. – treated like heros?

      In my humble opinion the IT industry has had a fascination with ‘dark side’ programmers since their ‘creation’ in the 1960s. In some perverse way they have advanced the IT industry which I’m sure many would not admit to.

      • #3067276

        Box Car Effect

        by joeaaa3 ·

        In reply to Why hacker…fascination

        1. Hammer
        2. Nail
        Add an adequate amount of force with 1. to stike 2. and you have it.
        You hit the nail right on the head. Too much armchair discussion on a subject that has been around for a long time, enough said.

    • #3068419

      Please……….

      by rlutes ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Let’s define the name…First most of today’s press goes to the errant kid who knows how to “google” and download someone’s piece of work. If you are in charge of defending a network and budgeting for it you may feel different about respecting anyone that comes peeking into your “windows”.

      For the shear pucker factor take a job that will fire you when one of your so called heros does penetrate your network.

      It is illegal and unethical to trespass.

    • #3068416

      Kids

      by techrepublic ·

      In reply to Hackers, crackers, etc. – treated like heros?

      A few years ago I did a career day talk for a Junior High school. The majority of the questions afterwards were some form of “how do you hack?”

      • #3068405

        I kow the feeling!

        by kevaburg ·

        In reply to Kids

        I worked as a techy in a school for kids between the ages of 11-17 and how many questions got directed towards me regarding how to hack? Too many to be healthy!

        Hollywood in this case I feel is to blame. Hacking has been glorified for years and you only have to watch “War Games”, “Hackers”, “Password:Swordfish” and the “Matrix” trilogy to witness that for yourself.

        Hollywood made them heroes.

    • #3068415

      fascinated?

      by ilmotore ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I’d like to know where the data that implies IT professionals are fascinated with hackers comes from.

      In the case of virus writers, or those that copy and modify other’s viruses, I don’t know anyone who has had to deal the results of their “work” who doesn’t wish a whole lot of jail time for these miscreants.

      The ones that “hack” keys codes to pirate software and such are just criminals that should be prosecuted.

      If they are writing rsp like coolwebsearch, they definately need some jail time.

      Sorry, but I don’t admire criminals and pests.

      • #3068410

        Cool words!

        by kevaburg ·

        In reply to fascinated?

        But try explaining that to some of the earlier posts inthis discussion! Respect hackers by all means. That implies understanding they can cause damage and means need to be implemented. Admire and become fascinated by them? Sounds to me like someone wanting to be one without the braincell to do it!

      • #3066883

        you maybe right but your defiantly wrong

        by dgenerous1 ·

        In reply to fascinated?

        those a$$holes who write the coolwebsearch crap and the spyware idiots need jail time but what their doing is leagel, 1) you downloaded there software so you acecpt the ussage agreement 2) you donloaded someone elses work for you enjoyment and didnt pay them in currency so they have asked you by way of the usage agreement to share your computer for there research( wich in most cases is you)
        and i have a couple good queston for you: how much of you software is the original disc? and if you lost you cd-keys wouldnt you go online and get a keygen or go to a list of keys so you could use your disc?
        for a company to see that its sales are going down due to piracy is a complement not an injustice, hiking the price to some astronmical leve of 400$cnd for windows xp sp2 and a key that may nolonger be valid is not worth it especialy when the whole disc is downloadable from th ms website. and its also true the its that dont really have a clue( the ones that are sent to the odd windws has frozen case or are made to systematicly replace comps on a network) are the ones whom are fasinated with the “hackes and crackers” that the media spews out, and some are jelous that its usually a kid in his/her early teens to late teen(very odd that a hacker of 25 is put on tv) can out think and manouver them n the it world

      • #3067933

        Misunderstanding of Property

        by techrepublic ·

        In reply to fascinated?

        I see the whole thing as part of a larger lack of knowledge about property. Cracking or launching virus/trojan/spyware attacks is no different than any other form of attack.

        This computer, is owned by me. It is my property, including the wires leading into it, and its hard drive and RAM storage. Crossing over my property line without my permission, or under false pretenses, is the same as trespass, one of the oldest types of law on the books.

        It makes me angry that this is view as a “new” crime. But not surprised. The education system raises holywood reporters, not good libertarian thinkers.

    • #3068409

      Is hacking different from exploring?

      by leoxml ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I am afraid to say nothing new, but in essence IT as it seems to develop (not just computing hard tasks) is the exploration of new possibilities. You may call that possibilities: cybernetics, information power, etc. All these terms are same fascinating as people involved. Simply, if it works and could be programmed – it is IT. Hackers are IT heroes in the way they do their own decision (have time, will and take risk), not just follow market needs.
      As you noticed I exracted IT from the mix of legality and ethics. Do you realy think IT is strictly humanitarian and The Matrix is a waste?

      • #3068408

        Am I the only old dog reading this?

        by rlutes ·

        In reply to Is hacking different from exploring?

        Technology was leveraged to AUTOMATE mundane routine tasks. As such we also stored data. Some of you may not remember or even have a clue how to do what your computer does for you. IT is just a means to an end a utility.

        • #3068407

          Automate or streamline?

          by kevaburg ·

          In reply to Am I the only old dog reading this?

          IT has helped to streamline businesses to help increase productivity with lowered associated expenses. I don’t believe you can call it just “a means to an end”. The problem is that this productivity suffers because admins are taken away from the business afairs of a company to deal with the hackers that are engaging in what I see as “playground bullying”!

          IT plays a huge, misson-critical role in most businesses, but now, instead of supporting the company, it has to support itself first so that it becomes an asset and not a hindrance.

        • #3068406

          I agree

          by rlutes ·

          In reply to Automate or streamline?

          First off though. I see too many people develop and expend energy and capital for the sake of IT. For that reason some things are a means to an end. IT by it self does not make money unless you are selling services or information.

        • #3068403

          But that is the problem

          by kevaburg ·

          In reply to I agree

          People that don’t understand the technology think throwing money at security and expending energy almost randomly is the answer. I recently took part in a roll-out in Germany and the project management team wanted to put a RIP1 compliant personal router into an OSPF network without permission because someone mentioned segmenting the installation network!!!!

          Maybe the people you are talking about need to spend more money on training and awareness rather than hardware?

        • #3068400

          I make money

          by rlutes ·

          In reply to But that is the problem

          As a consultant I make systems work as inexpensively as I can for the things that make sense. That is my job. If they want to throw money they can throw it my way. IT for the sake of IT wouldnt be profitable for me in the long run. Understand the customer’s business and their security situation is paramount. Every business has diffent levels of security anxiety. It would not be affordable and may not be desireable for me to employ the same systems that I use in a doctor’s office for a billboard web site.

        • #3067540

          Its not the consultants fault

          by kevaburg ·

          In reply to I make money

          The consultant does exactly what you describe. We are in a competitive market and if we were to produce less than the results you describe or we were to use the same solutions for every environment then we would not suceed and we would go under.

          The problems come later when we hand over the projects and the less knowledgable sysadmins start making changes, adding inappropriate hardware and so on. And this happens alot.

          We install systems appropriately. These people undo our work through their lack of training and awareness and that is the fault of the company in question and the IT management that looks after them.

        • #3068401

          Is this hacking?

          by jrgnvogel ·

          In reply to I agree

          Some of our post graduate computer science studends rewrote windows xp as an exercise completely in pure machine code, I was completely surprised as everything worked as normal. This includes officexp etc. The only difference was that it loaded and worked extremely fast. The total os only used 22 mbytes of hard drive space. Unfortunately I had to tell them to erase the program as it was an absolutely windows look alike system. This would probably have caused the uni a lot of legal problems as they wanted to put it on the net for easy downloads. Anyway what was that team effort, hacking or cracking? Needless to say they all got extremely good marks for their study.
          Regards

        • #3068399

          This is the grey area

          by kevaburg ·

          In reply to Is this hacking?

          When so much noise was made about Microsoft losing portions of code and Cisco having it stolen I think this may be regarded as illegal. But it wasn’t marketed so noone gained financially so where is the problem? Maybe the fact the code was altered would be the argument against you in a court of law. Maybe not.

          Hacking or cracking? I’m not really sure but it sounds like Microsoft could learn a thing or too from this lesson!

        • #3068394

          depends

          by rlutes ·

          In reply to Is this hacking?

          Did they use microsoft source code? If so they ripped of Micro$oft. Incidently, I dont know of many universities or colleges that dont require CS students to develop their own OS. Mine was based on BSD.

        • #3067516

          No they did not.

          by jrgnvogel ·

          In reply to depends

          No they did not use MS source. It took the team of 10 guys just about one year to write it. The problems was it was complete look and work alike to xp. The only difference I could see was that it did not use IE or MS messenger. Everything else worked normally.

        • #3067435

          Of course this is hacking

          by joe mctroll ·

          In reply to Is this hacking?

          Real meaning of “Hacking” (not the one used by self-proclaimed “IT experts”) means doing clever changes to a machine or program in order to make it do things not originally programmed/designed to, or to do better/faster/easier the thing it does… what most people understand for “hacker”, though, is what should be referred to as “cracker”

          As for legality of your students’ efforts: whence did the knowledge of windows internals come? if they un-assembled or reversed engineered winXP (most probable, since you said everything worked as usual) then it WAS illegal, though IMHO not legally suitable for it was for a research purpose and no financil gain was obtained.

          If, on the other hand, they re-wrote everything from scratch, using the MSDN guidelines about binary interfaces and usage of windows internal functions, then it is perfectly legal and safe: that’s the legal basis of projects such as WINE and ReactOS.

          If it’s the second chance, well – what are you waiting to send those genious students to either project? They are waiting for them, open arms!!!

          On the other hand, if they reverse engineered… well, me thinkest they could act as advisors to either project: not writing directly any code, but offering hints and general suggestions… that way (if my understanding of the law is correct) we would be on the legal grey side… read: more or less safe 😉

        • #3067930

          Simply Cycle

          by techrepublic ·

          In reply to I agree

          its simple life-cycle. you know nothing, you go to tech school hoping to be taught everything. you either soak it up and make it part of your lifestyle or not. You get your first support job. You mature and life moves on. You go for more technical or more supervisory roles to get more money. You make a lot of money. You decide to consult. You consult for a while. Someone one you consulidates a bunch of consultants into a consulting firm. You join. You make even more money. Company falls apart. You are back in the street. If you are an expert, they want you more than you want them. You pick your projects, charge ridiculous fees, and work to live instead of live to work. Then when you are old and grey, someone makes you an offer you can’t refuse, to go and manage a bunch of Microsoft and Linux propagandized kids. Then you die early of poor health.

          What is my point? I don’t even know. I just know the current system largely sucks, is partly cool, but the end-user-client is still getting crap, and paying more than ever for it, and the IT “professionals” who are in control of most of this, are just as immoral as any frontier profiteer ever was. And all around is horrible code holding it together — somehow.

        • #3067932

          Blame Steer

          by techrepublic ·

          In reply to Automate or streamline?

          This ability of easily written and modified methods of breaking into someone else’s computer, is the fault of the industry itself — which a long time ago stopped rewarding good code, and instead rewards old-fashioned corporate values like “appearing busy”, “meeting deadlines”, “formal project management”, “coding to hard specs”, “resistence to holistic thought”, and so on.

          We paid people to produce shite code, and they did. Now other people exploit that, new corporate monsters benefit from it, and STILL i don’t see fundimental change on the way code-writing is managed.

          If I owned a large modern company, we would put a team in place, and build our own from the Kernel up, instead of trying to cut corners, and buy, borrow, and steal the work of others — including the bad work of others. Then after my company kicked everyone’s ass in the market we were in, I’d sell the technology and consulting too. But then, I don’t require $5000 to just cover my payments and bills, cause I’m not a corporate automaton. I’m what you call “creative thinker”, “Inventor”, “Hacker”. We always were rare, regularly generate huge wealth for others with our inventions, and usually don’t get much recognition till we are dead.

          Things are what they are due to billions of stupid decisions being made every day, and re-made the next day. My kind have been almost totally purged from formal IT departments. We say these things and make people “look bad”. That is not nice. So I live the punishment of people who are not nice. I live like a monk, think, research, and write every day.

          Meanwhile, the biggest moron I went to school with, is spending the oil companies multi-million dollar IT budget on garbage, blaming all the hackers and crackers and spammers for the poor performance of their LAN, WAN, and PC support groups.

      • #3067529

        what a bunch of morons

        by 1ronman ·

        In reply to Is hacking different from exploring?

        I read some of your replies and I think “man what a bunch of foolish little children”! for example, dahabam says “I would like to describe hackers as opposition parties in a democratic country” and “let hacker enjoy their hobby” What a dope! or leoxml who thinks “hacking is no different from exploring” and says “Hackers are IT heroes in the way they do their own decision (have time, will and take risk), not just follow market needs”. Obviously you should have been beaten as a child and your mommy never taught you right from wrong. How about I go exploring in your bank account and take your money for my own because “I’m willing to take a risk?, and its your fault I took your money because you should have protected it better! Or how about I “go exploring” in your house. If I find something I think is cool, I get to keep it because you were foolish enough not to protect it better (ha ha on you!) What a dope. Or how about break into your your moms or grandma’s house and take their stuff because I’m willing to “take a risk”. Here?s the point that you parents failed to teach you. It?s wrong to take other peoples stuff. Its wrong to go into other people houses (they call people like that burglars) maybe you think they are cool too though so my point will be lost on you and the other dummies in any case) Breaking into someone?s house, breaking into someone?s personal information, breaking into someone?s computer…..maybe I could draw you a bmp.

        • #3067491

          and what did your momma teach you

          by shorne ·

          In reply to what a bunch of morons

          Hey Mr. GB4
          I happen to agree with what you are saying in this post, but after your parents taught you all that good stuff about right and wrong didn’t they have any time left for social skills? Calling people morons and dopes may not be entirely effective in attempting to get your point across.

        • #3067487

          Problem of Definition

          by jwasserman ·

          In reply to what a bunch of morons

          I think the major source of confusion on this topic is that the how you define “hacking”.

          I don’t think that any one will argue that unauthorized access to systems and the execution of malicious code is wrong.

          I believe that hacking has a much broader definition. Tweaking apps or an OS to meet you needs on your own pc has long been considered a ‘hack’. Doesnt anyone remember using resource editors to change icons before they added the funtionality to the standard OS’s? What about ‘easter eggs in applications and OSs? How about forcing an OS to to show different folder backgrounds (perhaps to tell what server the files are on at a glance)? Most of the nice little features of a the GUI interfaces we all use started out that way.

          Network intrusions/attacks use ‘hacks’ to do thier dirty work.

          Similarly, locksmithing is not a crime, but using those skills/techniques for unauthorized entry is illegal.

          The term ‘hacking’ has been coopted by the media to explain something they have trouble explaining to the public and as a catch phrase that is easy to sell airtime and paper.

          We need a better word to describe intrusions and attacks. The industry needs to differentiate the techinques from the illegal acts that can be committed using the techniques

        • #3067463

          Although crudely stated, I basically agree . . .

          by roadbiker ·

          In reply to what a bunch of morons

          The problem is youth having an extreem lack knowledge and acceptance of ethics and the glorification of what is esentially electronic vandalism.

        • #3067314

          AMEN!!!!

          by rlutes ·

          In reply to what a bunch of morons

          I thought it was me. Being aghast

        • #3067585

          100 % agree

          by avid ·

          In reply to what a bunch of morons

          i think gb4 is absolutely right. HACKING IS WRONG. stealing is wrong. you can’t just rename a thief and make him a hero. this is not a robin hood situation. hackers are cowardly thieves.

    • #3068402

      The Cisco flaw

      by kevaburg ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Has anyone got any comments on the “Hackers Race to Expose Cisco Flaw” article? One has to wonder why these hackers want so badly to expose flaw in the IOS of a company that supplies so much hardware to the Internet, wouldn’t you agree?

    • #3067493

      Job Security or Menchausen’s Syndrome

      by jbrill ·

      In reply to Hackers, crackers, etc. – treated like heros?

      It’s the same reason why a very large percent of arsonists are firemen. Either they start fires to make sure there is enought work or they do it so that in their response to it they can bee seen as the hero.

      With everyone idolizing the hackers, they can feed this need to be recognized by bringing to near death that which they love the most and claim to be saving it by exposing the flaws. It’s a sickness.

    • #3067485

      Definition Discrepency

      by raxterusa ·

      In reply to Hackers, crackers, etc. – treated like heros?

      This question poses many responses on many many different levels. First, what is a hacker, cracker, phreaker, etc? Second, do they serve a purpose, legal or no? Why are many of these people being held in reverence and/or awe by those who are in the fields of IT security and other middle to end-user areas of the discipline?

      The term “hacker” is misused by virtually everyone and this is due to the acceptance of poorly educated media types not taking the time to know the subject which they write/talk about. To be a hacker, in its true form, is to be one who simply “hacks” at the keyboard or other input device to enter code. Hacking is not, in its purest form, as it sounds, like hacking a piece of wood in two. Crackers, on the other hand, refer directly to what it is that they do, they “crack” or break into other programs either maliciously or no. Phreakers are just a variant of the cracker, at least from what I have seen.

      Next we should explore what service or dis-service they provide:

      Those who would break into and write code that would expose flaws in other programs do serve a function, albeit many times illegally, the exposing of detrimental flaws that make certain programs vulnerable. This is a function that should have been handled by the developer. By exposing the flaws they have inadvertently created new IT posistions within a developer’s firm, if it is a responsible developer, to ensure that the “finished” product is secure BEFORE they sell it as the hottest thing since processed ground wheat. Not to mention all of the outside jobs that were created like SysAdmin, Security Firms, and other various ‘support’ jobs. As we can see many of these positions would never have come to pass should these vulnerabilities not been.

      Those who would write viruses, they too serve a function. Similar to the previous, these simply tend to be more malicious.

      Lastly, why are they being held in such high regard? Simply put, it is not uncommon for the many to be awed by the few who can do something that the many cannot, at least yet. This can be proven many times over. EXAMPLE: One could use Einstein in this manner, he saw things in nature that few if any of his time could, therefore he was held in high regard even if his findings did eventually cause a great many deaths. With the true “hacker” and the “crackers/phreakers” the same holds true; they have the knowledge, poorly gained or not, and in return garner at least humility from those with less knowledge. Many times unrightfully so, yes, of course. But even to that end they are part of what we call IT.

      • #3067453

        definition answers the question

        by jeasterlingtech9 ·

        In reply to Definition Discrepency

        hackers: without hackers there would have been no advances in computers or operating systems a hacker pushes, pulls, prods, changes backgrounds, wants it to run faster, smarter, and in his order.
        cracker: most of the “bad guys” that most think of as “hackers” these are the ones who break into systems, break serial numbers, and send phishing emails

        A hacker might find an exploit and tell the company
        A cracker might find an exploit and tell his friends, sell it to a group of crackers, and write a virus to use the exploit
        The hacker mystique from the movies comes from the fact that even the crackers in the movies are fighting against worse evil

    • #3067467

      We are the enemy!

      by gskur ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Most of the code out there is poorly written. No, not in dissonance with the industry practices and standards, but wrongly, rather poorly thought through, often slapped together in a hurry by cutting and pasting (with lots of extra “jucy” fat remaining), kind of ?chisel-and-hammer in a not-so-promising-apprentice?s hand? quality. The structure is often ill-conceived, jumbled, lacking in so many ways, and, too often, is plainly stupid. Even without anybody from the outside putting an ?evil finger? to it, you have PROBLEMS, all the time, don?t you? And, of course, 9 out of 10 UI designers should be fired on the spot. In short, most of the software written and sold to the public for profit is really bad.

      And if you, the reader of this post, disagree and feel slighted, offended on behalf of all of your (our) glorious ?high-tech? profession(s)?you are in a wrong profession, my friend, for in this one you understand little.

      And when a talented person sees this crap written by the EMPLOYED mediocrities, tested (ha!) by the EMPLOYED dim-witted testers, signed of by the EMPLOYED ?fat-ass? managers, and sold for profit by the EMPLOYED oh-so-clever sales and marketing dudes to the generally ignorant (but not so stupid!) public?then he (and an occasional ?she? I am sure) gets mad. And he wants blood.

      If any of you ever told your company that the software you sell is crap, that it is a shame to be doing so, that it is unethical to dupe the customers, that it needs to be redone and it will cost so much money (or more) and will take so much time (or more)–if you told all that and are still employed there?let me know where you work, and I?ll be happy to clean bathrooms in you glorious company for free for the rest of my life. Honest to god!

      This is what I know.

      Now, what I think about hackers is this.

      The only way the dissatisfied really can tell ?them? so that that ?they? will listen, the only way that is immediately effective and satisfying is to PROVE that ?they? knowingly develop and sell not-so-good software. Ant the best way to prove is to demonstrate… Of course, this reasoning is not what is commonly known as ?rational thinking?, but some of these individuals must be very pissed indeed.

      And, of course, there are mischievous youngsters (now, as in all the time) that are to prove they are smarter than everyone else (or stronger, or braver…) as always the young (and especially males) have done. Besides, many of these fall in the above category as well, I am sure.

      There are very few out there who are actually trying to profit from it, to steal something. These are just like regular thieves, just modern tools.

      Oh yes, it is unethical, immoral, illegal, etc. whatever the motivation. The hackers need to be punished severely because they, ultimately, do not succeed in teaching the ?bad guys? a good lesson (these will never learn!) but punish the general public.

      Just to strengthen my argument:

      There are many examples of very popular excellently written free software. I?d be shocked if you did not have at least half-a-dozen of those on the machine you are reading this post at ;~). Do you guys know why this software (which is so widely used) is not targeted by hackers? And don?t even start thinking that the authors of those software are the hackers themselves (or their friends are)! So, what might be the answer?

    • #3067422

      Techies Are Wannabeez

      by activated ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Thats why they admire the hacker. Hackers are the lowest life-form in the tech world. They are below contempt. To destroy is the hallmark of cowards, and criminals. To build is the effort of the truly heroic. Those techies that dont see or understand the difference are themselves lacking in basic virtue.

    • #3067412

      Hackers treated like heroes?

      by redline ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I am not fascinated by them. They need to go to jail, first offense, and then treated more harshley if they do not learn their lesson…

    • #3067406

      A Romantic Idea

      by tlea ·

      In reply to Hackers, crackers, etc. – treated like heros?

      The ?Hacker? can be lumped into the same category as the Jewel Thief, Old West Outlaw, or even Robin Hood. These are romantic stereotypes that appeal to a certain rebellious side of us. Look at all of the films where the thieves are the protagonists, and law enforcement officials are the bad guys. There must be some universal appeal, or these movies would not exist.

      In my opinion the ?Hacker? is just a modern day version of the rebel or outlaw stereotypes, that?s why certain people find it appealing. Like most romantic notions the reality of the situation is very different. Many ?hacker? activities are destructive and cost companies and consumers millions if not billions of dollars.

      ?Crackers? on the other hand can help protect us from companies that are trying to seize permanent control of intellectual property. A great example is older software. I recently downloaded and Amiga emulator because I used to be an Amiga enthusiast. I was looking for some old titles that I used to own. Most commercial titles can no longer be purchased. Lucky for me there are Abandonware sites that have ?cracked? versions of these old titles. If it wasn?t for these cracked versions there would be no way for me to acquire these titles.

      Of course ?crackers? also cost software companies millions, if not billions of dollars in ?lost revenue?. Oh well, I guess you have to take the good with the bad.

    • #3067393

      Hacker redefined

      by jmgarvin ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I am a hacker. I look at things, see how they work, and find possible flaws in them. I socially engineer people to find information, I break network security, and I get information for server.

      But wait, I also teach people how to do this (and get paid for it) legally.

      To be a network/system security guru, you must also know how to break your network/system security. Those that don’t understand security are doomed to fail. If you can’t break your security, if you can’t red team, you are finished.

      Hacker in most context means one who is seeking technical knowledge.

      What everyone here is talking about is a cracker. These are the bad guys that are unethical and will steal your credit card information. A hacker may gain access to your credit card information, but never use it for ill.

      On that note: If hackers are treated like heroes, I have yet to see it. I’ve written a couple papers on security and the lack there of, and yet I don’t have the hero status…

      I think a mythology has been built up in the IT world that these crackers are so uber there is no hope. Learn how to hack your own system and you will see how your good/bad your security really is!

    • #3067387

      Do policeman make criminals?

      by t-cally ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Criminal nature will exist to the end of time. It is unfortunate that for some the only attention they get is when they do wrong and if you have chidren you should have come to find that they will do wrong for the sake of attention. Which could be the very fuel for them to continue. Basically they just need to be hug, and then beat the ___ out them!(not your kids, the criminals)

    • #3067377

      way_too_much_press

      by msmith ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Hackers do get too much press! They seem to be a class of programmers that have ventured into unknown regions and got lost. Are they trying to show up the Bill Gates’ of the world? Are they saying ” we belong in there somewhere .. make room for us!” ?? Could it be they are working to take down gov’t, or perhaps just any organized approach to communication? Then,perhaps, any one of them could say “I brought it all down!” or, like terrorists, “I am responsible for that awful worm!” Data gunslingers, that is what they seem like, and we give them “too much press!” They do, indeed, make my job and thus my occupation, a little harder to engage w/o second-guessing these guys .. and maybe that is also something they like about hacking – disruption!

    • #3067372

      Hero is not the right term

      by blueknight ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Heroes are good guys, not law breakers… hackers, crackers and the like, are not heroes, they are miscreants. They do seem to get much better “press” than they deserve which then gives script kiddies and others the desire to do likewise.

      These people (hackers etc.) probably keep doing what they do for the media coverage they receive, much like terrorists (which, in a manner of speaking, they are).

      The real heroes are the network and system administrators who are able to prevent, or minimize, the damage that can be caused by the work of hackers et al.

    • #3067344

      Hackers crackers phreaks etc

      by dhodgen ·

      In reply to Hackers, crackers, etc. – treated like heros?

      We all have at one time or another dug into our bag of tricks in order to get the job done. Hacked a registry file, cracked a program to make a silent install. Phreaks by definition alter connection lines in order to get more out them. Most programs have been hacked and improved because of the hacks. Dos and Linux themselves started out as hacked programs. The terms do not denote good or bad, just the approach used to get the job done.

      The question is the ethics behind what is being done. Do you hack the registry to improve upon and keep a computer running or to bring it to its knees. Its the dark side, the unethical side that needs to be addressed. I prefer to call them the breakers. Spyware, viruses, and security flaw finders. For every bad apple out there I am willing to bet there are a hundred or thousand others hacking, cracking, and phreaking for the right reasons. We are the heroes not them.

      • #3067250

        finally – intelligence on this thread

        by dirtylaundry ·

        In reply to Hackers crackers phreaks etc

        dhodgen – your post was sane and I thank you for it. Hacking was never the term for bad, but thanks to the media’s ignorance of all things tech, they lumped it together to equate it to “bad” people. What many fail to realize is that it is a form of “modding* programming code. People “hack” their cars, their motorcycles, and as we know, computer cases, but we use the term “modding” for that. I don’t believe it’s the *evil* aspect that is admired so much as the respect for the area of knowledge or expertise that is required to understand programming code enough to alter it. Most likely IT shakes their head and say to themselves, “With all that knowledge, think of what GOOD they could do instead of having been misguided to think that destructon is better.”

    • #3067258

      amusing

      by 0troy ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I find it amusing that so many of these replies are so full of fear and confusion. Put away your pitchforks and torches, and do some research. Let me begin by saying that VMware writers (even by my standards) are no better than crackers. Crackers simply want to expand their domain over your computers, and will use any means to accomplish this feat. They deserve blame, and deserve to be caught. But as for the researchers finding exploits and releasing them, these folks are helping you much more than you think.

      I am reminded of a lockpicking discussion on full-disclosure at Defcon. Many times had the speakers found serious vulnerabilites in the construction of locks, and many times had the vendors ignored them. If you found out that anyone would be able to open your gun lock simply by hitting it against a solid object, you’d return the lock and get a new one. But you can’t do that if the company deems not to release the flaw or recall the product. Now lives are at stake. The point of all this is, you, as a consumer should have the right to know. You have the right to know if the version of Apache you’re using can be exploited by anyone with a 1K text file of exploit code and an internet connection. And anyone who would keep you from that knowledge is doing you a disservice.

      As for non-disclosure, it’s simple… When guns are outlawed, only the outlaws will have guns.

      Would you rather be armed with tools to test your network in ways only hackers can? Or would you rather trust a vendor trying to keep their share prices up? (but that’s another rant)

      True hackers do not concern themselves with exploiting your server. That task is (sadly) trivial. We’d rather interest ourselves with coding chalenges, and writing white papers to get the word out about serious problems that people just aren’t aware of.

      We’re contributing, and we’re helping you guys out more than you think.

      Imagine finding that you’ve been hacked, spending hours cleaning up the penetration, listening to the vendor insist that there are no problems with their software, reconnecting the server, and getting hacked again. Which is more frustrating? Not being the owner of your servers, or having to apply patches every second tuesday of the month?

      PS: for the record, a Phreakers “hack” phones and phone systems as a hobby, they have nothing to do with computers besides their interactions with phones.

      • #3067251

        Vendor Problems

        by jmgarvin ·

        In reply to amusing

        That is a good point. Many vendors (for what ever reason) will not admit to being vulnerable to ANY attack. Not only is this bad for the admins, but it means crackers have a free pass…

        When the vendors get serious about security, you’ll see the media attention to hacking dwindle (it will be far too technical at that point)

      • #3068174

        since you hackers are so helpful

        by avid ·

        In reply to amusing

        why don’t you write your own software and publish it? you could make tons of money if you had the ability to release software that was 100% bug free. or is it that you can not create anything original so you go around bashing those who do out of jealousy?

        • #3068087

          Duh, much?

          by apotheon ·

          In reply to since you hackers are so helpful

          What do you think open source software is? It’s software put together by hackers (in the classic sense of the term, not as misused by popular media) in open collaboration. Something tells me you still aren’t quite grasping the fact that the term “hacker” has been most egregiously misused in common parlance.

          hacker: http://wombat.doc.ic.ac.uk/foldoc/foldoc.cgi?hacker

          cracker: http://wombat.doc.ic.ac.uk/foldoc/foldoc.cgi?cracker

          Try to keep them straight.

        • #3068037

          wrong group, read other posts

          by avid ·

          In reply to Duh, much?

          i am reffering to ILLEGAL vs legal. open scource is legal to alter, is it not?

        • #3068005

          yes

          by apotheon ·

          In reply to wrong group, read other posts

          Yes, it’s legal. The person to whom you direct your complaints was talking about legal behavior as well.

        • #3056333

          to stop the confusion

          by avid ·

          In reply to yes

          maybe i should use only the professional terms to differentiate between those who are performing legal functions and those who are not. from now on i will refer legal hackers as software engineers or something similar. this will clear up the confusion. it seems that we are agreeing on everything but definitions.

        • #3056053

          definitions

          by apotheon ·

          In reply to to stop the confusion

          As long as you keep misusing the term “hacker”, we’ll keep disagreeing on definitions.

        • #3068034

          terms

          by avid ·

          In reply to Duh, much?

          i do grasp the term. what i am debating is the usefulness and so called heroism of illegal hackers. i am not trying to offend those that operate within the law.

        • #3056088

          Terms

          by ron ·

          In reply to terms

          Maybe you should use the proper terminology then.

          If the people you are complaining about are illegal hackers, refer to them as such, not the generic term hacker.
          I think most of will agree the ‘illegal hacker’ that causes damage to other peoples system is wrong, but NOT hackers in general!

        • #3056050

          or, even better . . .

          by apotheon ·

          In reply to Terms

          Since a “hacker” is never illegal (or should never be, though with the advent of legislation like the DMCA that’s changing), and only the actions performed by some unethical hackers is, perhaps more precise terms should be used instead. For instance, those who invade others’ networks and illicitly circumvent security precautions are “crackers”, and those who maliciously damage others’ information systems are “vandals”. Use the terms that mean what you address, not those bandied about by clueless idiots in the popular media.

        • #3053854

          RE: or, even better

          by ron ·

          In reply to or, even better . . .

          I fully agree, but since avid just can’t seem to see the differences, I thought that I would try to make it easier for him to follow!!!!

        • #3068073

          So you’ve never heard of Linux?

          by 0troy ·

          In reply to since you hackers are so helpful

          It’s an operating system written by hackers (although most OS’s were written by hackers anyways).

          You couldn’t be any more out of touch if you tried!

        • #3068035

          linux ??

          by avid ·

          In reply to So you’ve never heard of Linux?

          would you classify linux as a virus or malware ? when these hackers were writing OS’s, they were performing a legal function. and linux is far from bug free, along with every other OS.

        • #3067999

          WRONG TERM AGAIN

          by apotheon ·

          In reply to linux ??

          Hackers are not malware writers! Please, look again at my post with links to definitions of the terms “hacker” and “cracker”. Linux was written by [b]hackers[/b]. Worms that turn Windows boxen into DDOS zombies are [b]crackers[/b].

        • #3056369

          once again

          by avid ·

          In reply to WRONG TERM AGAIN

          i was not referring to legal hackers, i was referring to those who are outside of the law. i know what the link said, but you must admit that definitions change over time. hacker can be used to describe both those gifted individuals who benefit our profession by contributing unique points of view and improved software, and the other group that looks for ways to get attention by performing unauthorized attacks on other peoples property.

        • #3056048

          on the other hand

          by apotheon ·

          In reply to once again

          This definition hasn’t changed. There’s a vibrant community of hackers ([b]real[/b] hackers), an entire hacker subculture, and a vast sea of hacker-produced software out there. All of us who are at least peripherally a part of that culture are to some extent aggravated, annoyed, or even insulted by your sloppy misuse of the term. How do you think the world’s locksmiths would feel if popular media misuse of the term “locksmith” became colloquially synonymous with breaking-and-entering burglars and vandals, many of whom use nothing but a hammer or a shotgun to gain entry?

          A hacker is, in short, a skilled enthusiast. Many hackers are professionals, as well. Script kiddies and security crackers are often not hackers at all: they tend to lack either the skill or the enthusiasm, if not both. Stop using terms that describe perfectly ethical, and extremely talented, people to label criminals, vandals, and brainless button-pushers, please.

        • #3067923

          Green Branch Communications is my contribution, where’s yours?

          by jmgarvin ·

          In reply to since you hackers are so helpful

          I’m a self proclaimed hacker. Check out http://www.greenbranchcommunications.com for an app that I wrote (originally) and it grew into a real app with more than one person coding for it.

          Is it bug free? Nope. Is it totally secure? Nope. Does it work as advertised? Yuppers!

        • #3056248

          nice work

          by avid ·

          In reply to Green Branch Communications is my contribution, where’s yours?

          now if you can understand my meaning and don’t get too defensive, i will once again restate my point.

          did you steal the code or develope it yourself ?

          if you developed it yourself, would you be angry if some one hacked it and created a worm for it or used it for something other than intended?

          does it have an end user agreement ?

          if it does, is it okay if the end user violates it ?

          these are my points on all my posts.

          if you created this code without copying and pasting someone’s copywrited code, then great job.

          if all you did was copy someone’s code and change a few functions and slap your name on it, then it is wrong.
          you do not seem to be the type who would take credit for anyone elses work but your own original work. as for my contributions : i do not now or ever intend to write code. for one i do not have the patience to sit in one spot all day and work on it. i enjoy what i do because of the variety of physical and mental exercise it gives me. also, i enjoy emmence freedom in what i do. one day i am climbing radio towers and install wap’s, the next day i am designing a wan for a client. so do not expect to see “avid 2006” any time soon.

        • #3056091

          Re: Nice Work

          by jmgarvin ·

          In reply to nice work

          Thank you. Here is a quick ordered list responding to your points.

          1) I developed the code myself (at least the first two iterations, possibly the third, but I honestly don’t remeber anymore). The completed product was developed by a number of coders, including me (names are on the website).

          2)I’m trying to open source the product (there are issues here beyond my control and I don’t own the IP, so I have to wait for those that are the owners of the IP are a little slow to let go, plus there is a whole patent issue that is being resolved)

          3) There is no EULA because I am trying to use FLOSS/GPL to get this thing out. The larger problem is that the lawyers want to write the EULA and that would make it draconian and annoy the end user or worse, nobody would contribute once it is open sourced!

          4) EULAs are meaningless anyway. They have no teeth no matter what way you slice it. It only angers the legitimite users.

          I’m a hacker. I hacked this thing together orginally. IIRC it was a kluge or using Windows Media Player to stream, some open source and generic audio codec, some cheesy network code, and a wrapper to make all the packets come out HTTP.

          I hacked this thing together. I’ve also hacked various other things (like APs) to make them work differently or “better”. I’ve hacked together all kinds of stuff.

          I also do security. I do break into things and find holes. I also post these (if found) or write a paper on them. I’ve written numerous papers and posted a few bugs. My major beef is that crackers (the bad guys) take advantage and use bugs they find rather than report them and move on.

          On that note: I noticed this while posting
          http://techrepublic.com.com/5111-6242-26-22893.html?subj=community&part=tr

          It is the “Network Administrator’s Hacks Pack.”

          I still believe you can’t understand security until you understand how to break security…

        • #3056045

          the problem is the terms you use

          by apotheon ·

          In reply to nice work

          A hacker doesn’t steal someone else’s code and slap his name on it: that’s called “plagiarism”, not “hacking”.

          A hacker doesn’t destroy others’ work: that’s called “vandalism”, not “hacking”.

          A hacker doesn’t violate contracts (use agreements, et cetera): that’s called “fraud”, or “breach of contract”, not “hacking”.

          The problem here is that you seem bound and determined to use the term “hacker” to mean “people who do bad things”. Those of us who have been called “hacker” (in a good way) tend to take umbrage at that.

        • #3055887

          these are not just my terms

          by avid ·

          In reply to the problem is the terms you use

          i did not write the media and give them their definitions.

        • #3053926

          The media is wrong

          by jmgarvin ·

          In reply to these are not just my terms

          Hacker – Originally, a hacker was someone who made furniture with an axe. In computing slang it is a person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. Also, one who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.
          http://www.fas.org/news/reference/probert/PA.HTM

          Cracker – A cracker is one who engages in one or more of the following: 1) breaks into a computer system; 2) figures out ways to bypass security or license protection in software; 3) intentionally breaches computer security. Contrary to popular belief, Cracker is not synonymous with Hacker.
          practice.findlaw.com/glossary.html

          Phreaker – A person who hacks (breaks into) telephone systems to make free long-distance phone calls at someone else’s expense.
          http://www.techwriter.co.nz/nerd-ns.html

          Script Kiddie – In computing, a script kiddie (occasionally script kitty) is a derogatory term for people who use scripts and programs developed by others for the purpose of compromising computer accounts and files, and for launching attacks on whole computer systems (see DoS). In general, they do not have the ability to write said programs on their own. Such programs have included WinNuke applications and Back Orifice.
          en.wikipedia.org/wiki/Script_kiddie

          For real fun check out the jargon file. I know that sometimes words slip out (ok…not so much slip out as I can’t control it any more. All my students know the words kluge and borken/borked)

        • #3053878

          “Not my fault! I have an excuse for my willful ignorance!”

          by apotheon ·

          In reply to these are not just my terms

          Shall I repeat the old bromide of mothers everywhere?

          “If all your friends jumped off a bridge, would you do it too?”

          If everyone at all the popular media outlets jumped off bridges (good riddance), would you do it too? Please?

        • #3053870

          re : “Not my fault! I have an excuse for my willful ignorance!”

          by avid ·

          In reply to these are not just my terms

          you seem to want me to change the excepted english language. are there any other words you would like me to change the excepted and published definition of ?

        • #3053857

          RE:these are not just my terms

          by ron ·

          In reply to these are not just my terms

          Sure, the media started the misuse of the words, but you are an IT Consultant and shuld know better, and not reinforce the derogatory connotation of the term ‘hacker’.

          I am a system administrator and a hacker and proud of both titles!
          The only way to effectivly administrate multiple Windows systems is to hack the available/hidden settings to acomplish what you need to do!

        • #3053835

          I doesn’t matter

          by tryten ·

          In reply to these are not just my terms

          if they are your terms or not. The point is that they are wrong and used incorrectly by the media, yourself, and countless other people who are less informed. Its not that hard to understand people, the bad guys are called one thing the good guys are called another. If its legal and ethical its hacking, otherwise if its illegal, taken and used for financial gain, or just plain destructive its cracking. Plain, simple, makes things clear. And dont give me this EULA junk, lets face it folks the EULA is USELESS!!! It doesnt stop cracker from doing what they do, it doesnt stop hackers from, god forbid, making the program better, and it doesnt stop people from pirating. Its just another button to click to get the show rolling. Lets face it, only lawyers care about it….and who really cares about lawyers.

        • #3053816

          re : tryten

          by avid ·

          In reply to these are not just my terms

          okay guys. this is my official apology.
          to those i may have offended by using insanely generalist definition of “hacker”, i am sorry. when i get home tonight, i will write 1000 lines of “hackers are not criminals”. of course i will do this in word and probably use cntl-v. or hey maybe i will write a script that will simply write the lines for me. that way i can be on the road to learning to write code, not to say i will ever be as good as hackers are. from now on i will interupt conversations when i hear them use the term hacker incorrectly and correct them. (i wonder how many times i can do that before some one gets mad at me and takes a swing ?) i will inform my clients that hackers are not bad . so please forgive my past generalizations.

          sincerely,
          avid

        • #3053815

          here it is guys and gals

          by avid ·

          In reply to these are not just my terms

          okay guys. this is my official apology.
          to those i may have offended by using insanely generalist definition of “hacker”, i am sorry. when i get home tonight, i will write 1000 lines of “hackers are not criminals”. of course i will do this in word and probably use cntl-v. or hey maybe i will write a script that will simply write the lines for me. that way i can be on the road to learning to write code, not to say i will ever be as good as hackers are. from now on i will interupt conversations when i hear them use the term hacker incorrectly and correct them. (i wonder how many times i can do that before some one gets mad at me and takes a swing ?) i will inform my clients that hackers are not bad . so please forgive my past generalizations.

          sincerely,
          avid

    • #3067841

      Previous experience

      by leutiusm ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I had the fortune of growing up with a “hacker”. If some of you remember the DOD scandal of 1996, Ravanent (TAG) was responsible for over 250k worth of damage. He was imprisioned in Juvinilj for 3 years and (when he reached 18) was then employed within the very same department he was convicted by.

      Hackers/crackers fall into two classes. Amatures, that do little more then bash their heads against firewalls, and nuke on IRC, and the extremely rare professionals, that are generally gifted people with a point to make.

      They alone are responble for the rising fault ownership shown by software manufacturers

      The threat comes from professional coders, under the employ of information gathering corporate identities.

      Either way, they know the risks, chose the action, perform their objective, and if they serve time, they accept it, and move on. Positive or negitively regarded is irrelivant. I see them as just another example of naturally occuring checks and balances of the IT environment

      • #3067802

        Im sorry but that’s B%$$ SH%T

        by stratti79 ·

        In reply to Previous experience

        I was once an low level IT professional but now am in Human Services and study Sociology and am almost finised my Social Worker accreditation. I believe you are all missing the point of Hacker/Cracker phenomenon. The point isnt should they be or shouldnt they be but WHY are they and what does it SIGNIFY For the future. Despite the advances in IT I would still argue that IT has still got more growth potential and over the next decade I envisage IT networks in every home controlling everything from grocery shopping, to climate control not to mention what may be in the public sector. Point being a bad hack/crack that is malicious is no where near as damaging as it might be in the future. Back to my point are these hackers disaffected, bored, are there problems able to be corrected could their current states turn into something much more devious which to an extent now and certainly in the near future may translate into real human cost not the mere cash cost it does now.

        • #3067555

          You are off too

          by jmgarvin ·

          In reply to Im sorry but that’s B%$$ SH%T

          Hackers aren’t bored or disaffected. I’m hacking Windows and Linux security for a research project. I hacking some encryption schemas. I’m hacking streaming codecs. What does that mean? I’m taking them apart to see how they work and then working with them to make them work how I want them to work.

          I want to make things work properly and I want to see WHY there are holes where there shouldn’t be.

          Crackers are a different ball game and usually fall into the “Hackers without morals” catagory.

          Everyone is underestimating crackers (teenage disaffected youth) and putting the bad guys into a neat little box. This is a VERY bad idea.

          All warfare is based on deception. Hence, when able to attack, we must seem unable; when using our forces, we must seem inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near. Hold out baits to entice the enemy. Feign disorder, and crush him.
          – Sun Tzu, the Art of War

    • #3067776

      No scruples..no morals…no ethics

      by rlutes ·

      In reply to Hackers, crackers, etc. – treated like heros?

      I read and still see people defending criminal behavior or at very least unethical. To the youngsters…be careful who you tell about your cracking, phreaking or hacking some of us won’t bother hiring you.

      • #3067558

        Your loss

        by jmgarvin ·

        In reply to No scruples..no morals…no ethics

        I have and will hire hackers. If they get out of line, they are punished, but for the most part they are EXCELLENT additions to any IT team.

        I want someone to break my security. I want to someone to tell me, hey you are an idiot, why are you doing that. I want someone to write unique code to take advantage of something I may think is secure.

        I honestly don’t think one can understand security without understanding how to break the security.

    • #3066848

      it is not this difficult guys

      by avid ·

      In reply to Hackers, crackers, etc. – treated like heros?

      look, either you are breaking the law or you aren’t. if you are breaking the law you are scum deserving the maximum allowable punishment. if you are not breaking the law, then enjoy yourself. i think where people are getting confused is when they think thhat they get to decide which laws are good and which ones are bad. that is not for us to decide. end of story.

      • #3066687

        you’ve broken the law

        by 0troy ·

        In reply to it is not this difficult guys

        Ever gone over the speed limit? Gonna turn yourself in?

        Ever been in the carpool lane when it was just you in the car? Even on accident?

        Ever littered?

        Ever steal a candy bar as a kid? Sure the statute of limitations may have passed, but does that cure your guilty consience?

        Think before you call lawbreakers “scum”, or just say it into the mirror.

        • #3066660

          Foolish

          by stratti79 ·

          In reply to you’ve broken the law

          That is a foolish response surely you dont put the creators of the latest Ztob patched worm wreaking havoc on the same par as a speeding motorist or shop stealing minor. Sheesh!

        • #3068180

          how can you even compare

          by avid ·

          In reply to you’ve broken the law

          first of all, i have never stolen anything, ever.

          we do not have a carpool lane where i live and when i lived in a city that had them i did not use them when driving alone.

          yes i have driven over the speed limit, but not in a stolen car.

          and littering ? how the hell did you make the leap of breaking into some ones systems or software, a felony by the way, to littering. they can not be compared. if you think they can be compared, then maybe you should lobby for similar fines for hackers. see how far you get. but if you want to continue with the wild analogies, then how about this one. is it okay for a person to break in to your home and take a peek at you and your children while you are asleep ? no. in fact in most states, you have the legal right to shoot them dead. are you going to ask this person if they are just testing your security system or if they are looking for ways to make your home more ergonomic? no. you are going to call the cops or let off a few rounds and ask questions later.

        • #3068082

          pay a little attention

          by apotheon ·

          In reply to how can you even compare

          Nobody was comparing littering with security cracking, as far as I’m aware. The point is that you can’t just make a blanket declaration that all lawbreakers are scum. Littering is in violation of the law, too.

          I take even greater exception to your statements, though. Even more than distinguishing between litterers and crackers, I think it’s important to recognize that it IS up to us, as citizens of (supposedly) free nations, to determine which laws are good and which are not. That’s what voting is supposed to be all about: vetting and determining the disposition of laws. Telling me it’s not up to “us” to decide which laws are good and which bad isn’t going to make me feel chastised — just indignant, and dismissive of your ability to make reasonable analyses of your circumstances.

        • #3068032

          laws

          by avid ·

          In reply to pay a little attention

          it is up to us “as a group” to decide then have the laws written or changed. it is not for us as individuals to decide which laws in existence can be broken because we decide that we as individuals do not agree with them. if you want illegal hacking to be legal, start a petition or something. i don’t think you will be very successful, but who knows. and stop taking everything so literally. this is usually a fairly gifted group that posts here. i am not used to having to spell everything out for them. so if i confused you then i apologize.

        • #3067998

          speaking of gifted . . .

          by apotheon ·

          In reply to laws

          Here’s a gift of a little wisdom for you:

          Don’t resort to arguments from ridicule. They make you look like an ass.

        • #3056357

          no ridicule intended

          by avid ·

          In reply to speaking of gifted . . .

          when i post, i do it as concisely as possible. i write as little as needed to in order to convey my meaning. it was not my intention to offend you. just to disagree with you point of view.

        • #3068072

          Reply To: Hackers, crackers, etc. – treated like heros?

          by 0troy ·

          In reply to how can you even compare

          “look, either you are breaking the law or you aren’t. if you are breaking the law you are scum deserving the maximum allowable punishment” – Avid

          There is clearly no gray area in your statement. I was merely pointing that out… Scum…

          There IS a gray area, and just because you find yourself in it, doesn’t mean that everyone else is black and white.

        • #3068024

          read the topic again genius

          by avid ·

          In reply to Reply To: Hackers, crackers, etc. – treated like heros?

          i was reffering to hacking and only hacking. if you want to argue that littering and hacking are the same, start another post.

        • #3067997

          You say you understand . . .

          by apotheon ·

          In reply to read the topic again genius

          Clearly, you’re [b]still[/b] not getting the point that “hacker” doesn’t mean “criminal”. How many times do we have to point that out to you before you get it?

        • #3056493

          you know…

          by rlutes ·

          In reply to You say you understand . . .

          there is a saying. You can be right…dead right…stop flogging the cow and realize that on this thread most of us will call hackers/crackers and phreaks the same thing..

          I understand what a good programmer is and does. Perhaps you need to go to B- school to learn that Joe executive doesnt give a rats posterior what you call him/her or it.

        • #3056362

          too sensitive

          by avid ·

          In reply to You say you understand . . .

          look. i am not the one who changed the definition that the general public uses to define hacker. try this link. http://dictionary.reference.com/search?q=hacker
          it has many definitions from bad golfer to some one who makes furniture with an axe. if you guys are so sensitive about the use of the term, then do something to change it. maybe, in time, there will be a narrower definition of hacker and the bad guys will be named something else. until then i will use the term to describe both groups. perhaps in the future i could add white hat or black hat with my useage to clear up the confusion and try to avoid making anyone feel falsely accused.

        • #3056043

          to: rlutes and avid

          by apotheon ·

          In reply to You say you understand . . .

          [b]rlutes:[/b] You’re beyond help. Perhaps I’ll just start referring to all willfully ignorant, peurile sticks in the mud as “rlutes” from now on.

          [b]avid:[/b] I [b]am[/b] doing something about it. Specifically, I’m informing you when you’re wrong. You’re not the only person I’ve corrected, though you’re one of the most obstinate in your refusal to simply start using the term correctly.

        • #3055883

          re: to: rlutes and avid

          by avid ·

          In reply to You say you understand . . .

          you need a better vehicle to get the word out and change popular definitions. but thanks for the info anyway. i will, however, keep using the same terms since these are the terms that my clients understand. it just makes communication easier.

        • #3053875

          communication

          by apotheon ·

          In reply to You say you understand . . .

          The problem with your answer, avid (that you’ll continue to use the term “hacker” because it’s what your clients understand) is that they [b]don’t[/b] understand it. When you say “hacker”, you’re obfuscating what’s actually happening with a term that doesn’t explain anything. You say “hacker”, and they think “bad computer person who does things I don’t understand”. It’s a means of getting people to shut up and stop asking questions, not of informing anyone.

          If you want them to understand what you’re saying, use accurate and precise terms, like “security cracker”, or “network intruder”, et cetera. This will not only get your point across, even to the technically unfamiliar, but will also be the correct terms. If you’re dealing with a [b]real[/b] luddite, you can try dumbing it down even further without obscuring your actual meaning: “computer criminals”.

        • #3053798

          RE: TO: rlutes and avid

          by ron ·

          In reply to You say you understand . . .

          Sorry, but I just don’t think that these two will ever understand.
          Just because you are a hacker doesn’t mean you are breaking any laws.
          Even though most people think a law is wrong (DMCA for instance) doesn’t mean it is that easy to change.
          That aside, I feel that if you are breaking a law that is written to improve life for the majority, including speed limits and petty theft, then, yes, you probably are scum, at least to some extent. Fortunatly, the vast majority of “HACKERS” are not doing that!!

          BTW: It is not always that easy to get ‘definitions’ or pronounciations changed to the correct because the people that control these items are about as smart as the RIAA. Their mindset is “We few are perfect and everybody else is wrong!”. When I was in school, I was taught that ‘zoology’ was pronounce ‘zo (long o) ology’, now all of a sudden it is pronounced ‘zoo – ology’. That was the pronounciation that was always taught to be wrong, because it would need to be spelled ‘zooology’ and letter tripples are not used in the English language!

    • #3066743

      Definitions…again

      by ni70 ·

      In reply to Hackers, crackers, etc. – treated like heros?

      [i][b]cracker[/b][/i]
      A cracker is someone who breaks into someone else’s computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site’s security system.

      The term “cracker” is not to be confused with “hacker”. Hackers generally deplore cracking. However, as Eric Raymond, compiler of [i]The New Hacker’s Dictionary[/i] notes, some journalists ascribe break-ins to “hackers.”

      A classic story of the tracking down of a cracker on the Internet who was breaking into U.S. military and other computers is told in Clifford Stoll’s [i]The Cuckoo’s Egg[/i]. http://searchsecurity.techtarget.com/sDefinition/0,290660,sid14_gci211852,00.html

      [b]cracker[/b]
      [i]techweb[/i]
      (1) A person who breaks into a computer system without authorization, whose purpose is to do damage (destroy files, steal credit card numbers, plant viruses, etc.). Because a cracker uses low-level hacker skills to do cracking, the terms “cracker” and “hacker” have become synonymous with the latter becoming the most widely used term. See hacker, ECPA, CFA and virus.

      (2) A person who reverse engineers software and modifies it for fun. Often applies to game software. See disassembler.
      http://www.techweb.com/encyclopedia/defineterm.jhtml;jsessionid=Z0GAAJXL3T2CYQSNDBCCKH0CJUMEKJVN?term=cracker&x=0&y=0

      [b]hacker[/b]
      Hacker is a term used by some to mean “a clever programmer” and by others, especially journalists or their editors, to mean “someone who tries to break into computer systems.”

      1) Eric Raymond, compiler of [i]The New Hacker’s Dictionary[/i], defines a hacker as a clever programmer. A “good hack” is a clever solution to a programming problem and “hacking” is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:

      * A person who enjoys learning details of a programming language or system
      * A person who enjoys actually doing the programming rather than just theorizing about it
      * A person capable of appreciating someone else’s hacking
      * A person who picks up programming quickly
      * A person who is an expert at a particular programming language or system, as in “Unix hacker”

      Raymond deprecates the use of this term for someone who attempts to crack someone else’s system or otherwise uses programming or expert knowledge to act maliciously. He prefers the term cracker for this meaning.

      2) Journalists or their editors almost universally use hacker to mean someone who attempts to break into computer systems. Typically, this kind of hacker would be a proficient programmer or engineer with sufficient technical knowledge to understand the weak points in a security system. For more on this usage, see cracker. http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci212220,00.html

      Edit to remove brackets from links.

    • #3066668

      In our blood

      by stooobeee ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Have you ever watched Evil Knevil do dare devil stunts? If onlookers knew beforehand that his feats would turn out successfully 100% of the time, no one would go to see him. It is this percentage of danger involved that drives people to watch. We are at heart rabble-rousers, jeerers in the crowd of spectators, and those who would yell “crucify him”. Even those who pretend to be gentle and kind are inherently impure, and tainted with the desire for evil. What suppresses most of us are things like the law, the churches, and the conformity to civil actions that reflect morality and decency. If, suddenly, they were removed, our bent nature would surface and not be hidden anylonger.

      Those who undermine those restraints take chances that put themselves and others at risks. These kinds of dare devils want people to watch them defeat the odds. Our advertizing of this clearly demonstrates our need to see them survive, and to be able to say aloud how good we are in comparison. But our hearts are far from that reality. “Personification” is a big word, but inwardly we feel satisfied that all the wrongs in our lives that are unfair are atoned for.

      There are uncountable examples of people in the wrong that defied the odds and “made” it, and headlines appear when they do, symbolizing them as bigger than life. Many hackers get hired by the government after doing their evil deeds, and by virtue of their notoriety, can now turn themselves around because the “test” is over, and they can publically become servants of the society they took advantage of.

      We are all capable of committing atrocities we dare not even think about, but fortunately are restrained by the reasons I previously mentioned. No one is exempt from this tainted self. Outwardly, we are law-abiding citizens; inwardly our hearts are corrupt, and under the right set of circumstances, are given to actions that reflect that.

      Fortunately, our laws which govern our behavior are ideally for the good of all of us, and the majority seek to obey many of them. But our laws cannot govern what we think, and therefore cannot predict our actions. So we must speculate and wait, and when someone actively opposes them, he must accept the consequences, and be responsible for his actions. Hackers are not outside our social limitations, and should not be treated any differently than someone else who shows contempt for them.

    • #3067960

      Let’s start over please

      by charliespencer ·

      In reply to Hackers, crackers, etc. – treated like heros?

      To avoid the use of terms some find confusing, why don’t we just start over with one change to the original posting? Mr. Spande, I suspect the wording below is what you originally meant. Please respond if I’m even further out of line than usual.

      “IT professionals are fascinated by THOSE WHO WRITE CODE WITH THE INTENT OF BREAKING INTO AND / OR DAMAGING OTHERS’ SYSTEMS IN DELIBERATE VIOLATION OF THE LAW. On the one hand, this is interesting coding. On the other hand it makes so many people’s work more difficult, takes away from the time people can devote on other aspects of their work. Are we fueling the fire or just getting to understand the enemy? Is this IT’s version of the Sopranos?”

      Will this help eliminate the linguistic debate?

      • #3067937

        Here here!

        by 0troy ·

        In reply to Let’s start over please

        For those having trouble grasping that there two meanings of the word “hacker”.
        Doing this could cut the post number in half… =)

        • #3056042

          two meanings

          by apotheon ·

          In reply to Here here!

          You’re right: there are two meanings.

          1. the correct meaning
          2. the incorrect meaning, which usage people to whom the term properly applies often find insulting

        • #3055956

          Please don’t put words in my mouth

          by charliespencer ·

          In reply to two meanings

          There usually isn’t much room with my foot already in there.

          I didn’t say there were two meanings, and I deliberately didn’t use the words “hacker” or “cracker”. The original poster used both as if they were interchangeable in his mind. I did use the word “confusing” because the working definition (not the dictionary definition) of “hacker” has changed over the years.

          For the record, those who intentionally violate the security of others’ systems without permission should be prosecuted to the full extent of the law, just like any other burglar or thief. Their computers should be confiscated, just like a DUI conviction should result in the confiscation of the automobile. They should not be hired by the industry, anymore than any other criminal should be allowed to profit from book and movie deals.

        • #3053873

          I didn’t.

          by apotheon ·

          In reply to Please don’t put words in my mouth

          I think you must have meant to respond to 0Troy, since (s)he’s the one who mentioned “two meanings” first. I was just responding to him/her.

        • #3054609

          Mea culpa

          by charliespencer ·

          In reply to I didn’t.

          Further re-reading indicates you are, as usual, correct. I misread your posting as a response to me, not as a response to 0Troy.

          I hope the move went well. Still living out of boxes, I presume.

        • #3047030

          no problem

          by apotheon ·

          In reply to Mea culpa

          No biggie. It was pretty clear that was an unmalicious error of some sort.

          Yeah, the move has gone swimmingly so far, and yeah, I’m still “living out of boxes”, as ’twere. I’m actually going to have to wait for a paycheck or two before I can get the majority of my stuff shipped up here: move-in costs on the new digs ate up too much of my advance on the relocation reimbursement. I’ll just have to sleep on a deluxe air mattress a couple more weeks or so.

    • #3056366

      to peter

      by ecauthorn ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Peter;

      You need to grow up and get a life. From the time of Genesis there has been someone attempting to take advantage of another?s weakness, just to cause them misery. It is wining, unprofessional, and na?ve to think otherwise. Our job is to anticipate as much as we can and make sure those holes are blocked, and handle the problems as they are presented. Should you want a hacker proof system, you need to dig a hole in your back yard and bury the computer. Otherwise, anticipate the things you can, and fix the rest of the problems as they arise.

      Ed Cauthorn

    • #3054615

      Is it legal? Read this download

      by ni70 ·

      In reply to Hackers, crackers, etc. – treated like heros?

      [i]Control your TV and raise your geek factor with TiVo hacks – TechRepublic[/i]
      http://techrepublic.com.com/5138-22-5842964.html?tag=nl.e124

      Legal or illegal?

      • #3047058

        Depends

        by jmgarvin ·

        In reply to Is it legal? Read this download

        The EULA (while toothless) may say you cannot modify the TiVo. While some EULAs state that if you do modify something, it is all on you and you are no longer supported, some EULAs are draconian and claim they can send you to prision for doing something like this (which is bunk).

        Anyway, I suggest MythTV and a Linux box over the TiVo.

    • #3047341

      We wouldn’t be here without them!

      by gdoc ·

      In reply to Hackers, crackers, etc. – treated like heros?

      OK, first, a hacker is someone that comes up with a different approach, or way of doing something.
      The first “Hackers” reprogrammed the MIT PDP to permit faster processing of their batch programs.

      A Cracker is someone that is attempting invalid connectivity to your systems.

      A Phreaker is someone that is trying to do the same if you are a Telecomm.

      There are “white hat” through “black hat” versions of all of the above (with the exemption of the phreaker, though this is concidered “old hat”..yawn).

      Folks that overclock their HW are hackers.
      There is a whole industry to support these “hackers”

      Software “hackers” bypass some of the limitations imposed upon the system through workarounds, and direct mitigation of the OS imposed limitations. Most games use “hacked” code to optimize for different CPU/GPUs.

      This leaves the crackers. Can’t say that theres a lot of them that are “white hat”, but because of the few that are, we can close the holes identified, wherein if they didn’t exist we wouldn’t even know that the holes were there.

      If it weren’t for the hackers, the “script kiddies” could be inside your boundry.

      I see scans going on constantly against the infrastrucures that I’m responsible for, and having the grey to white sites, allows me to prepare for and mitigate the upcomming challenges.

      Hacking has provided the OS vendors with the capability to block most of the scripted attacks (cracks).

      If hacking didn’t occure at all would we be better off?
      I think not, as some of the major advances in high availibility, nor advances in security, would have happened without them.

    • #3047082

      Reporters: feature or bug?

      by beeblevox ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Do we all spend that much time on this topic? If so, on which of the undefined facets of the subject. Please note that your hosts are a part of the problem. “Hacking” is a term that was hi-jacked by the techno-illiterate media, many of whom waste your time reporting on the spectacle rather than the useful.

      Personally I don’t spend anymore time that necessary to ensure that I know what is useful, and I believe that the “community” should encourage the press to employ a more strict set of qualifiers when discussing “hacking” in order that readers might be able to choose the useful over the innuendo. As I recall, the term hack has an interesting reflexive connotation as it relates to the reportering.

      Ask the authors to be more specific, so you won’t have to waste your time on this supposed cult of personality.

    • #3055873

      Point Blank

      by trading ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Let me sum it up for you.

      If the world was a perfect place we wouldn’t have this discussion.

      With this in mind its always going to be a constant struggle between us did you expect anything less in the cyber realm.

      Like it or not hackers,crackers and phreaks expose the flaws that we have yet to overcome in our industry not only that but they prevent total control.

      Human nature is to abuse power so right or wrong does not exist here just depends on what side of the fence you are on.

      A man can be measured by his contribution to the evolution of the human race.

      Before you cry foul try understand the curious nature of these people and ask yourself is there anyone out there better to be a tester for your products than someone who can manipulate your hardware/ software like they can.

      Take the positives from the negatives and build a stronger industry.

      There is a little Hacker Cracker Phreak inside us all this is human nature.

      Its how you use or abuse these skills that matter and for those of you who want to waste time arguing the point ask yourself what is echelon’s purpose and how is this different from anything mentioned here.

      Don’t our governments hire hackers for the very reason we are complaining here. There will never be a day without them and i for one applaud it because we all know they bring out the best of us.

    • #3055188

      Malware geniuses

      by gunnar klevedal ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Malware geniuses

      Couple of years ago, I read a discussion of white hats and black hats, even gray hats. I did not grasp it.

      As for computer viruses, it first started with the file viruses. Then came the boot sector viruses, and then macro viruses.

      What we have today is mail viruses, sometimes network aware, sometimes not. Not to forget attac vectors like IRC, Instant messaging and malicius web pages.

      It seems one author comes up with a brilliant new concept. Then there is a host of followers, who turn out bleak copies of the original. This is to confuse the Anti-virus application.

      All this is just a cry of -I am here, Look at me, See me. Just like grafitti. But these doings takes a lot of time for us. And had it not been for these blokes, we would not need bug fixes for the Operating System. Some bots on the other hand are made for stealing.

      However I cannot help admiring the author of the MS-DOS file virus 1701 ? Cascade , also called Autumn Leaves. The bad thing of the Payload is you have to reboot. The beautiful thing is, that when it activates, you will see a work of art. The letters will fall one by one to the bottom line and make a heap of characters.

      Tribute goes to Dr Alan Solomon, Inventor of the first useful Virus Protection for the IBM PC and compatibles.

      Regards
      Gunnar Klevedal

    • #3065082

      Reply To: Hackers, crackers, etc. – treated like heros?

      by kingbolt ·

      In reply to Hackers, crackers, etc. – treated like heros?

      Or maybe these IT professionals should not be called “professionals”…

    • #3058889

      Neither; it’s merely envy.

      by deepsand ·

      In reply to Hackers, crackers, etc. – treated like heros?

      The simple fact is that we are all in some manner inately fascinated by the abilities of others when such exceed those of our own desires.

      It’s called [i]envy[/i].

      =================================================

      Main Entry: en?vy
      Pronunciation: ‘en-vE
      Function: noun
      Inflected Form(s): plural envies
      Etymology: Middle English envie, from Old French, from Latin invidia, from invidus envious, from invidEre to look askance at, envy, from in- + vidEre to see — more at WIT

      1 : painful or resentful awareness of an advantage enjoyed by another joined with a desire to possess the same advantage

Viewing 33 reply threads