A Peek At Script Kiddie Culture

Brian Bruns writes "NewsForge is covering an article on the Script Kiddie Culture, in an interview with my co-admin Andrew Kirch. It provides insight into a culture that not many people fully understand, or get to see."

What is there to understand?

Search, copy, paste.
Woho! Im leet!

How is this a 'culture'?

[Gothmolly]

Are people looking for some Gibson-esque secret cabal of script kiddies, who are building operating systems at age 8, can speak in hex, and have secret h4X0r access to everywhere?
I think people watch too many movies. Or is defining 'script kiddies' as a culture an attempt to rationalize the level of ignorance we experience when trying to comprehend all of computing technology? Since nobody can be good at everything, is it a mental safety valve to create uber-computer users, who 'get it', who can do 'cool things', who are 'in the know'? Isn't this the same thing as creating Gods to explain otherwise unknown natural phenomena?

Re:How is this a 'culture'?

[_Sharp'r_]

I thought the script kiddies were the ones that didn't do any more cracking than search/download/copy-and-paste?

The people who actually know what they're doing are much more dangerous, generally on the grey to white side of the law and don't bother with DDOS on somebody's little website, since if they really wanted to, they'd just take entire nations' Internet access down.

I mean, I could think of a 1/2 dozen ways to wipe out a whole country's internet access completely for a day or two (no, I'm not going into details here, but if use BGP in your work life, you can probably think of a few also), but most people who've spent the time to learn at that level also are mature enough to realize that there isn't much of a point to wanton destruction.

Re:How is this a 'culture'?

[LostCluster]

It's a culture that we should try to understand, because if we can find a way to take away their motivations, we'll have less hassles to do with on our networks.

What a 0day really boils down to is a mistake that a programmer made that never got corrected and therefore got distributed, but this mistake has yet to be documented in any way. White hats announce what they've discovered in the form of a patch, or at worst a security alert to the public. Black hats announce what they've discovered in the form of a malware attack.

Really... we'd like to know what motivates black hats, because we'd like to find a way to get them to play on the white team.

Re:How is this a 'culture'?

[SavingPrivateNawak]

But the script kiddies described in the article seems quite technical (not just "I winnuke you lolol") since they seem to discover vulnerabilities way before everyone else (Cf Article).

I don't want to start another hacker/cracker flamewar but I think we should reserve the term script kiddies to people who effectively do nothing more than running other people's malicious scripts.
We need to find another term for describing these immature, yet skilled, adolescents that discover vulnerabilities by themselves in order to higher their social rank. (Cf article where they talk about '0day servers' with newly found vulnerabilities ready for kiddies' next war)

Re:How is this a 'culture'?

[_Sharp'r_]

Exactly. Someone with knowledge of multiple "0day" vulnerabilities doesn't fit into what I'd call a script kiddie. They could be a kiddie, but "0day" and "script" in this sense are usually mutually exclusive.

Re:How is this a 'culture'?

I'd mod parent funny but not insightful. As a kid in the 80s I was part of a bbs culture. Whether people liked it or not it still had its own social norms and modes of expression and behavior. Just because these kids are assholes doesn't mean there's no culture there .. it just means it's a culture of assholism. that said, i think parent post is legitimately humorous.

Re:How is this a 'culture'?

[mingot]

Really... we'd like to know what motivates black hats, because we'd like to find a way to get them to play on the white team.

Desire to compete coupled with a strong fear of rejection. All you have to do to 'win' is be hated.

Re:How is this a 'culture'?

[zagmar]

I think one of the points being made in the article was that these kids are fed the exploits in order to remove any potential legal reprisal from the original discoverer, hence the mention of Al-Qaeda. Think about it this way: I'm a 30 year old sysadmin with a chip on my shoulder and I discover a nasty security hole in a piece of software that my employer, as well as hundreds or thousands of other companies, use. Am I going to use this myself, opening me up to all kinds of charges (which are much easier to back up because of my position, and which have much nastier names, such as "corporate sabotage,") or am I going to tell the gang of 1337 h4x0rz that I see every night on IRC, hoping that they will hit my company as well as all the others that use the software?

Re:How is this a 'culture'?

[lxs]

I guess in the same way that glue-sniffers that scrawl their names on bus-shelters are part of an 'artistic movement'

Give a kid a felt-tip pen and he thinks he's Bastiat, give the same kid a computer and he thinks he's Kevin Mitnick.

Re:How is this a 'culture'?

When you get back from being high, please note that the aggregate behavior of large populations (which is predictable) has little to do with the individuals that make up the group.

Re:How is this a 'culture'?

[DerekLyons]

Bored children break stuff for the sheer hell of it.

No. Ill-raised children break things for the sheer hell of it, bored or not. These script-kiddies are no more and no less than the end product of the permissive 'kids-will-be-kids' theory of parenting.

Thank you Dr. Spock.

Re:How is this a 'culture'?

[redhog]

Or the result of you-can't-do-this-and-you-can't-do-that raising, where the kid becomes more introvert/hiding in its search for playground, and eventually ends up doing really nasty things as soon as the parents aren't watching.

The only way to raise a child not triggering its "do the opposite of what you say" when you ask it not to do something that really is bad, is to never say no if it really isn't a problem, and when saying no out of rreal need, allways motivate the no with good arguments that the child just can not ignore the truth of.

Two implications

The most amusing implications are:

a) Its a culture.
b) Someone would actually want to see it.

10 years ago I did the script kid thing for a bit (before having a life). Its a bunch of kids who's parents are not really involved in their lives, and have nothing better to do than look for a digital mate by typing "A/S/L?!?!??! and talking about their privates.

I could seriously care less.

Did you miss the part...

[Ayanami+Rei]

where they mention that "no one wants to download grsecurity" or "tru64 is where it's at" or "some kiddies target Solaris and Irix because that usually means a big pipe".

Try a little reading comprehension first.

Publicity

[Un0r1g1nal]

From what I understand of script kiddies they mostly do stuff from sheer boredom (what ever happened to the good ole outdoors?) and for the extra pseudo attention they get from it. Surely by attempting to interview and do articles on this 'culture' they are just pandering to the desires of these script kiddies. And rather than helping them to realise that they need to grow up etc, the extra attention is only going to make them have a greater desire to wreak havock with their 'leet skills'

Not a culture

[Lord_Dweomer]

This is hardly a culture. This is a personality stereotype. And a fairly accurate one at that. It's a derogative term used to identify people who do not make their software toys on their own, but instead download the hard labor of others and use it to perform meaningless, and often times annoying pranks.

I think I have a comparison to sum this up.

Script Kiddies is as much a Culture as 1337 5p34k is a Language.

Re:Not a culture

[rawb]

Maybe the 'script kiddies' aren't exactly what he was describing, and there needs to be a new term for the characters in the story, but what he did describe certainly is a culture.

When I was 15 I had a friend give me a few scripts which i ran randomly for a few days. I didn't go to chat rooms for that stuff. I didn't talk online with those people, and I didn't become involved in the alliances of groups. I was given a program, and I used it to get me some earthlink passwords. That's a script-kiddie.

The descriptions in the story, though, is definitely a culture where alliances are formed, a circle of silence and shadow is formed around those with 0day-whatever access, and the people who program the exploits most likely came up into the circle of trust by way of these allianced groups, gaining the trust of people higher and higher and showing competance in their coding.

The fact that attacks on government machines occur not for the purpose of attacking a government machine, but instead to trick your opponent into doing it and getting him/her into trouble shows it's a culture of its own, one that has no respect for the predominant culture and is willing to use our tools to hurt their enemy.

So yeah, I say its definitely a culture. WHether it deserves to be one or not is another matter altogether.

Society Problem

[rotty]

It's not a hobby, it's a social life. These kids don't have much outside of this. Most of them, if they were to go parties they would get beat up. This is their social life.

Well, the whole article just talks about how to prevent the "skript kiddie" behaviour, but no word about that the cause might be our society, not giving these kids a way to enjoy theirselves without involving in malicious actions. It's the same as with drugs: everybody is talking about how to stop drug dealing and consumption, but little is done to tackle the root of the problem; the reason why the kids are not welcome on parties, get bored and thus involve in DDoSing or start experimenting with drugs.

Configure your router/firewall correctly

[PacoTaco]

Everyone please take the time to configure your gateways to drop outgoing packets with spoofed source addresses. This doesn't take long and potentially saves everyone else a ton of grief. Logging these funny packets is also a good way to tell if a machine on your network has been compromised.

The thing that gets me...

[Phil+John]

...is that some of these kiddies seem to strive to bring down the one thing that gives them any sense of purpose.

Like the attacks on the root servers, well done, bring the domain name system down, now update your hosts file by hand when you want to visit a website/chat on irc to your mates about how 31337 you are.

It doesn't sound right...

[bentonsmith]

...the interviewed party sounds like he's making things up as he goes along for greater exposure and interest. There is nothing there that jumps out to me and says "liar", but at the same time, I think that the interviewee might have been, er thinking about this topic too much and might be blowing things out of proportion just a little bit.

Do people on IRC attack conference line services? Oh yes, I've seen it being done several times, and FoF is something of a wheel in this scene. Are said hijacked conference lines used for neferious purposes? I'm sure once in a while, but really they are mostly used for the purposes of socialization... same as has been the case with phreaking the past.

What do people do the first time they phreak? They call a faraway place and talk to someone just because it is neat to talk to someone in England, or Fiji or somewhere far away without cost.

What is the primary use of these phreak'd conference lines? Socialization, a way for people who are geographically distant who have got to know each other on IRC to talk to each other without cost. Believe you me, the content of these conversations is far more likely to contain dreary e/n stuff rather than Plots To Take Over The World.

The intimation that this culture could somehow be for sale to nefarious people and powers is frankly outrageous and hysterical at the very same time.

Now if only these kids had some direction....

[newdamage]

I know this is just asking to get flamed, but if these kids had some proper motivation and direction, they could probably do some pretty impressive stuff.

I know script kiddies are the bottom feeders of the hacker/cracker world, but most are still very young. But they obviously have enough technical knowledge to cause alot of trouble, and channeled in the right direction they could probably grow up to be fairly proficient developers and really become an asset to the tech community.

But then maybe I'm just being naive and optimistic.

Nice question!

[955301]

I'm betting that the kiddies play a role, in much the same way the messenger does for the author of the letter.

And like the messenger, they are more likely to get shot by the good guys when the let a hack loose into the wild.

Could it be that a few black (and possibly white) hatters find that they serve a purpose?

Script kiddie "Culture???"

[swordgeek]

Wonderful. Now the vandals have a culture. Charming. Let's next do an article on the graffiti "artists" who spraypainted my brother's garage. How about the spamming "free speech activists?" Or the good souls at NAMBLA?

Vandalism is vandalism, and crime is crime, no matter how you dress it up. Criminals have a long history of pretending to walk to the beat of a different drummer, being misunderstood, put-down, trod on, etc.; but at the end of the day, they're just fucking criminals looking for a scapegoat instead of taking responsibility for their crimes.

Re:Script kiddie "Culture???"

[Jerf]

Calling it a "culture" is simply descriptive, not a value claim. There are illegal drug cultures, too. In fact, there are several quite distinct drug cultures; casual weed smokers are different from the hard drugs are different from the ecstasy group. There are quite a few other criminal cultures too.

They meet every criteria for a looser definition of "culture", such as one might describe a hacker "culture" or a sports fan "culture". Of course, they aren't a seperate culture like "US culture" or "French culture", but from context, most people won't mistake the two.

You seem to be seeing an implicit claim that "all cultures are equally valuable", which is a post-modern conception. While there are some academics who would take it down to the finer-grained culture definition (e.g., "hacker" and "ecstasy"), most people apply that only to the coarser-grained one ("French", "Chinese", etc.). Most people would agree that there definately are some cases where one [fine-grained] culture is clearly inferior to another, so by calling the script kiddies a "culture" doesn't logically imply that there is a claim that their actions are OK because all cultures are equal. (There are even some atavists like myself who reject post-modernism entirely; makes it easier to ID implicit post-modernism it when I see it then those who are steeped in it.) Given a choice between a person joining script kiddie culture or joining a sports culture, I know which is more likely to turn out well for both the person and culture at large.

Thus, there are also graffiti cultures. I'm unsure about NAMBLA, I have no idea whether they qualify as a culture, but I doubt it. Similarly for "free speech activists"... other then similar beliefs on free speech issues, that doesn't otherwise imply an outlook, a unique jargon, dress patterns, frequent organized or semi-organized social encounters, etc. that one would normally associate with a "culture". (Script kiddies are odd in that their associations are strictly online, but their demographic similarity, speech patterns, thought patterns, and online meetings are enough, I'd say. Note I'm not trying to carefully define "culture" in this sense since it would be very difficult to match what me mean by the term.)

Re:Script kiddie "Culture???"

[Ironica]

Wonderful. Now the vandals have a culture. Charming. Let's next do an article on the graffiti "artists" who spraypainted my brother's garage.

Actually, a fellow student of mine is doing his thesis in Urban Planning on that very topic. Mostly he's looking at how graffitti and tagging are an attempt to claim public space in an increasingly privatized world.

Vandalism is usually a reaction to something. Instead of bitching, if you find out what it's a reaction to and then see what you can do to address the issue, you'll have a lot more success and peace in your life. It may not always be something under your control, but the gut reactions we tend to have to these types of acts often simply make the root causes worse, and perpetuate the situation.

Exactamundo

[benjamindees]

Kids do all sorts of anti-social stuff, but, even when they're mostly minding their own business, they get pissed on. I love it how everyone expects *teenagers* to spend their free time caring for puppies and the homeless.

Here in a decent-sized city in the (yay) midwest, the evening activities available to those under eighteen are: bowling, cruising, wandering the streets aimlessly, and, ummm, well that's pretty much it.

Everything in town closes at 9:00. *Public* parks close. There's a constant crackdown on 'cruising' for some reason. There's an 11:00 curfew for everyone under-18.

So, the choices for a kid growing up around here are: 'sit in your room all evening with your computer' or 'break some sort of law'. Apparently, now our fearless leaders have found a way to make 'sitting in your room' against the law as if they would rather these kids be roaming the streets vandalizing cars and buildings. Great.

At least, this way, they are actually learning some things about computers and causing *very* little damage in the process. I think we all need to be a little more realistic: kids cost money and destroy things. The fact that *the internet* isn't a little more kid-proof should be of more concern to everyone than the slightly-less-than-moral decisions made by a bunch of teenagers.

Re:not many people fully understand, or get to see

[Ironica]

Joe Average needs tax dollars spent ensuring the welfare of our society, not the welfare of Bob Businessman's T3 lines so profit margins remain high.

Generally I agree, except...

Bob Businessman is Joe Average's boss's boss's boss. When his T-3 line for the site that sells whatever widgets Joe Average is putting together gets sucked dry, it costs the company money. Six months later, when they have a shareholder meeting coming up, that expensive worm might cost Joe Average his job in a layoff.

It's important to recognize that the resources needed by some people aren't the resources needed by everyone. But by the same token, it's also useful to recognize when the resources sucked up by one abuse end up costing others important resources down the line.

Re:Baseball BATS !

[Night+Goat]

Look, if you're not going to discipline your kid, don't be surprised if he learns the hard way. It's not like the guy even hit the kid, he just put a bit of realism into the kid's vandalism spree. It's a sad world when parents defend their kids' vandalism.

Re:Just how do you stop a DDoS?

That poor admin can call his ISP... but there's really not much the ISP can do from their side of the line.

Sniff the garbage, analyze it, block IPs somewhere upstream. Worst case, if the zombies are randomly spoofing IP addresses you could still trace them back hop by hop. A giant pain in the ass, but possible. Steve Gibson has a great article about dealing with a DDoSing script kiddie.

Re:Let us bandy words, shall we?

[wmspringer]

I know plenty of people here can come up with a long list of things our government wastes money on. Furthermore I'll bet'cha we can get over half those involved in the discussion to agree to the slashing of this or that. What say ye pantheon of knowledge?

Unfortunately...

The liberal voters here will say that the tax cuts for millionaires are what we should get rid of.

The conservative voters will say that services for the poor (welfare, etc) are what we should get rid of.

Neither side will agree with the other.

Re:Law and Order Episode

[Monkelectric]

I agree with you 100%. I think something thats really missing from our society is the idea of consequences which I think is what you're hitting on. Most places in the world, if you messed with someones business there would be consequences that wouldn't necessarily be legal in nature. Your community might look down on you or you might get the crap beat out of you. Those things serve REAL purposes, police can't be everywhere all the time, but people can...

Now police are the only ones authorized to provide consequences or even make judgements which means anything that doesn't have critical mass slips under the radar.

Re:Let us bandy words, shall we?

[sirsnork]

My biggest concern is nothing will be done until it gets to the level we currently see for spam, and then it will be too late because as soon as half the taffic on the internet is false and can't be routed properly (due to spoofed addresses) we are all SCREWED

Re:Just how do you stop a DDoS?

[Slashamatic]

Large companies have multiple IP addresses and pipes. It then becomes possible to reconfigure so that only one pipe becomes stuffed and normal traffic is redirected. It is more of a problem when you don't have so much spare capacity.

Better explanations available?

[iion_tichy]

Maybe it's still too early in the morning for me, but I didn't understand much of what that article said. OK, Kiddies organize in gangs and they hang out on IRC. What else is going on?? What does the 'war' consist of, who controls more machines on the internet? And it's being fought by copy & pasting the lastet Viri, Trojan Horses etc. and spreadng them around? Why can't IRC be secured, after all those years?

Some understandable explanations would be much appreciated...