Article:  |
Fear and Loathing in Information Security | |
| Subject: | Hacking | |
| Date: | 2005-02-11 17:00:25 | |
| From: | coolspot | |
|
Ok... you might think that hacking is all "boundary pushing" and "an infinite level of posibilities within networks" but c'mon man... thats not what hacking ACTUALLY means to people. Hacking is sending people viruses, creating worms, defacing websites, stealig personal info. Ther is no two ways about it... hacking is bad. You can shout your whit hat hacker rubbish till your blue in the face.. but face it, hacking is bad. Bad. fine the ocasional "nice" hacker (if there truely is such a thing) may discover a security flaw in a program or service ansd tell the company involved... but the only reason its an issue is because of hackers in the first place. If there were no hackers there would be no problem. (that day will never come)
|
||
Showing messages 1 through 14 of 14.
-
Hacking
2005-02-11 18:24:53 Mick.Bauer [Reply | View]
You've missed two key points in my essay.
First, "hacker" doesn't mean "someone who tries to break stuff;" it's a very broad term that goes way beyond penetration-testing. I don't care to re-type the definition I devoted an entire paragraph to in the essay (see above), but suffice it to say that neither Linus Torvalds nor Lord Kelvin ever spent any appreciable time trying to break into systems, overflow buffers, etc.
To hack is to solve problems and expand one's knowledge; this may involve skills and pastimes that can be (ab)used to "hack into" computers, but more often it simply means figuring out elegant solutions to mundane computing problems not covered in the manual.
Second, I said that in my professional opinion, the vast majority of people who call themselves hackers (in the broad sense!) are not criminally inclined. Your experience may be different than mine, but I've been in this business for the better part of a decade, and my opinion is based on near-daily interactions with hackers who are both skilled and ethical. Again, many of them have no aptitude for or even interest in penetration testing, virus-writing, etc.; most of my hacker friends are in fact much more skilled at defending than attacking (myself included).
But hey, if you still prefer to fear all umpteen-thousand of us regardless of our actual behavior, I guess I can't stop you. -
Hacking
2005-02-12 03:33:22 coolspot [Reply | View]
Ok... if therer really is a different side to "hacking" a side which isnt harmfull, which dosent involve illegal stuff, which is productive and nice or whatever... then cant you call it something else. Because it simply dosent matter how many times, or to whom you speak it, saying hackig is nie wont work becuase hacking to almost everyone with a computer means bad. There is no way that anyone can change that now. I apologise for any bad sentiments toward you or other "hackers" who arent bad, from what you say your not and good for you, but hacker to most people means bad things for computers.
and about fearing hackers... you HAVE to. or atleast the effects of hackers. a firewall is an absolute must, dont even think about runing a computer without antivirus, and i have multiple anti spyware programs on my computer (i know its not QUITE the same thing, but it involves people knowing stuff about my computer i dont whant them to know) Security is extreemely important now, and this is simply because of hackers. or people writing worms, viruses and other evil crap. And im sorry, but hacker is synomenouse (spell?) with virus. A problem which needs to be guarded against.
so i do apologise to any "nice hackers" but, cant you change your name or something? i dont know... cracker... D.B.P (digital boundry pusher) SOMETHING but hacker will only get you odd looks and bad press. -
Hacking
2005-02-14 08:53:30 simmoril [Reply | View]
I don't think that people who have called themselves a 'hacker' for quite some time should be made to change their title because a few uninformed people have created a panic around the term. If the public has a bad view of the term hacker, then having hackers call themselves D.B.P.'s isn't going to help anymore than calling worms "self-propogating programs" would. The goal here should be to inform the public and change their uninformed view of hackers so that speeches like the one noted in the article aren't made again.
I agree that one must be aware of the exploits and vulnerabilities that hackers point out and make public. However, security is not simply a consequence of hackers. Security is a consequence of human nature. Banks don't just put your money in vaults because of safecrackers, they put your money in vaults because your average person will walk away with your money if they find it lying in the middle of the street.
'Hacker' is not synonymous with virus. One is a person. The other is a program. Yes, one is a problem to be guarded against. But a hacker is not a problem any more than a treasury agent familiar with counterfeiting is a 'problem' to the U.S. economy. Any belief to the otherwise is a gross oversimplification of the facts.
The issue here isn't the word. The issue here is getting 'most people' to change their personal meaning of the word. Odd looks and bad press are based on opinion, not fact. Opinions that don't HAVE to be set in stone. -
Hacking
2005-02-15 03:24:08 tommu [Reply | View]
It's a shame that people feel they need to change established terminology to make it easier for the lazy masses. In fact it's quite an ironic idea.. normally phrases for 'bad' things are changed by the spin doctors.. think of friendly fire, down sizing or (here in the UK) safety cameras instead of speed cameras.
On the subject of security.. if you lock your doors at night and keep your wallet well hidden then surely using a firewall et al should come as second nature and not a surprise? -
Hacking
2005-02-16 04:26:40 crash15139 [Reply | View]
So that is to say, if I leave the door to my house unlocked by accident, then I deserve to be killed in my sleep? If you walk by a store at 2am & see the front door is cracked open, it's not against the law to walk in and take what you want? ALL hacking is unethical & hiding in the underground of IRC only proves ALL hackers are cowards & criminals. -
Hacking
2005-02-17 10:33:22 Mick.Bauer [Reply | View]
No, no, no. The point of my essay is that most hackers are too ethical to hack into even the most poorly-secured system or network, unless they've been paid to do a penetration test or vulnerability assessment, by the system's/network's rightful owners. Most real hackers are too smart and too ethical to behave otherwise, in my experience.
To say "unsecured sites deserve to be hacked" is naive, immature, and unethical -- the police don't care, particularly, whether the person you mugged was 200 lbs and heavily armed, or 130 lbs and helpless. But the poster you're responding too isn't really saying otherwise -- I think the point instead is that like it or not, we need to pay attention to security, regardless of who we think the attackers are likely to be.
Also, we've still got some vocabulary-confusion, here. As I said in the essay, hacking is bigger than penetration-testing and virus proof-of-concept code; it's a mindset, a culture, and an approach to problem-solving, of which computer security is only a subset. (I know, most people don't know or care about this distinction, but the title of the essay is "Fear and Loathing in Information Security," NOT "Fear and Loathing in the Mainstream Media & Popular Consciousness.") -
Hacking
2005-05-11 12:56:41 crash15139 [Reply | View]
I "get" the point of our essay. And I come from a reference of having poked into a few systems in my day starting with the old Tandy's & AS400's. Even an old hacker like Steve Wozniak is a hero of mine & I get the mindset. Now, the culture part of it is your own opinion. My experience is that the crews I knew or ran with were not about solving problems, but about getting around the "rules" everyone else had to succumb to. You are making these people out to be more important than they are. If you really wanted to help, you would gather all these ethical hackers & petition Microsoft to stop binding every important process/service to TCP/IP, let's start there, & start knocking down why their OS is so vulnerable, why haven't any of your ethical hackers banded together to do this?? I'll tell you why, they need Mircosoft to be a step behind, oh yeah, for their own curiosity..... -
Hacking
2006-07-15 20:25:36 hack0r [Reply | View]
i have been hacking seince i was 7 (im 13 now) my parents supported it, and it has helped many people, i have helped add security to sites by testing security, and there is a whole group of hackers im a part of at hackthissite.org hackers arnt bad, those are "crakers" who are mindless morons, you sir are the idiot, you trust the media, you didnt research you are the bad one. i have hacked many things but, for good. are you saying a site about killing people becuse of there race and supports it should stay up?? is that better than hacking?? i have hacked a site like that and shut it down. think im bad? F*ck you!!
i have broken some laws but, for good reasons, the government makes you think hacking is bad because the govrnment fears us, but us hackers dont fear them, so the government uses people whot think there hackers and shows them on tv then, people think thats what a hacker is. hacker acually means "one who is experienced in computers and problem solving" i think i have done good, and that i dont hack like black hats who are morons (pretty much "crackers") i hope i will change your opinion. -
Hacking
2006-07-15 20:24:57 hack0r [Reply | View]
i have been hacking seince i was 7 (im 13 now) my parents supported it, and it has helped many people, i have helped add security to sites by testing security, and there is a whole group of hackers im a part of at hackthissite.org hackers arnt bad, those are "crakers" who are mindless morons, you sir are the idiot, you trust the media, you didnt research you are the bad one. i have hacked many things but, for good. are you saying a site about killing people becuse of there race and supports it should stay up?? is that better than hacking?? i have hacked a site like that and shut it down. think im bad? F*ck you!!
i have broken some laws but, for good reasons, the government makes you think hacking is bad because the govrnment fears us, but us hackers dont fear them, so the government uses people whot think there hackers and shows them on tv then, people think thats what a hacker is. hacker acually means "one who is experienced in computers and problem solving" i think i have done good, and that i dont hack like black hats who are morons (pretty much "crackers") i hope i will change your opinion. -
Hacking
2006-07-15 20:27:10 hack0r [Reply | View]
opps sorry for double post... dumb computer... -
Hacking
2007-04-23 21:31:24 JediToker [Reply | View]
I know this is an old post but i cant pass by and not say anything to this thread, the only point id like to make is the terminology that you guys are using like the term hacker to band all kinds of hackers into one category
As far as i know there are three types of computer hackers:
Black hat or crackers - These are the bad guys, the ones that do the evil shit like writing viruses, break into your computer to steal your credit card info an stuff like that.
White hat - These are the ethical hackers, the guys that do penetration testing for companies and generally dont go around sneaking into places they shouldnt be.
Grey hat - These guys are a mixture of the two, they are ethical in there means like our 13 yr old friend above, do honorable things by illegal means, like the fucking over nasty websites n stuff (i think its Hacktivism but dont quote me on that, it might be something else :P) There was a guy in the states who posted child porn infected with a trojan so that anyone who downloaded the pictures would get infected and enable access to the hacker who would then go about gathering information for the cops.
Labeling all these types into one type "hackers" is an insult really and would be like calling a locksmith a burgalar, just because the locksmith has all the tools he needs to get into your house and f**k with your s**t doesnt mean that he's going to -
Hacking
2007-06-21 13:39:23 crash15139 [Reply | View]
so then why aren't there different ethical labels for the different type of locksmith's??? I mean they have all the tools....they also have to be "REGISTERED" dumbass....a real locksmith doesn't have the luxury of hiding in underground chat rooms & irc channels like the coward hacker... a locksmith that has the tools & breaks into your house is a "criminal", a hacker with script tools that breaks into a system is also a criminal....case closed -
Hacking
2007-06-21 13:37:58 crash15139 [Reply | View]
so then why aren't there different ethical labels for the different type of locksmith's??? I mean they have all the tools....they also have to be "REGISTERED" dumbass....a "locksmith" that has the tools & breaks into your house is a "criminal", a hacker with script tools that breaks into a system is also a criminal....case closed
It just as moronic as when Nixon said "nucular" instead of "nuclear". Many people copied it because he was Prez at the time! You would not change your name because all people or the media get it wrong, or would you?