Slashdot Mirror
Hackers: Under The Hood
jyre writes "ZDNet Australia has a special report that profiles and interviews five hackers over the next five days. Day 1: Raven Alder's page is up now (inludes photos). Day 2 will be Attrion.org creator, Jericho. Day 3: Adrian Lamo. Day 4: Kevin Mitnick and Day 5: L0phtCrack creator, Mudge."
This is to be expected from a mainstream publication that intends to present "hacking" in a mainstream light. I say, read at your own risk.
But are they going to define hacker? Are people going to see this as a bunch of articles about some scum who break into computers, or are they going to see a bunch of articles about people who have an intimate knowledge of computers? Either the meaning of the word hacker needs to change, or another word for the computer savvy needs to be found.
more high profile 'hackers' explaining their driving influences. Raven Alder bashing script kiddies and suggesting that users learn how to use their toys is a good way to start. I wouldn't argue for a second with a girl that is as cute as Bjork and could audit my security.
"Lame" - Galaxar
Self-styled 1337 h4x0rs aren't particularly skilled with computers. They just do stupid shit that other more mature computer users won't waste their time on.
If I was a loser I could burgle houses if I chose to. It's not exactly difficult. Even the rich neighborhoods would be easy pickings. I'm sure I could break into many places before I got caught. But I'd still be a loser.
So why are the computerland equivalent of dirty little sneak thieves constantly being feted as heroes and geniuses all the damn time?
I hate movies like 'Hackers' which give zit-faced teenage virgins the idea that they'll get to screw Angelina Jolie if only they could be 1337...
Yeah alright, they had a defacement archive back in the day, they're dried out now. What have they done since then and really what good was the defacement archive? All it really did was encourage defacements.
The other guys have either shown skill, or created something. And lets shut up about "cracker v.s hacker" BS. Hacking is a SKILL SET, you can define black hat, grey hat, white hat from there if you want. Just because someone breaks the law doesn't mean they aren't a good "hacker" and are suddenly a "cracker".
Also remember not all intruders are "dumb kiddies" there takes skill in a real intrusion even if you are using pre-canned exploits. There is a hacking mindset to getting into places. Its the same mindset used in writing unique code, among other things. Its not all dotslash. Thats like saying U.S Special Forces are 'kiddies' since all they do is a pull a trigger. Wrong.
So tired of these people ranting and raving about 'cracking'. Get your head out of your asses and get off the bandwagon.
Hi. It's really nice to know that whatever I can do technically, that it's my cup size that really matters. I'm 28. I do backbone security, incident response, vulnerability assessment, and pen-testing. I work in varying capacities with Nessus, Snort, and the Open Source Vulnerability Database. And fuck you. http://www.oneeyedcrow.net/securitygeekfemme.html
If they were really oh so 1337, nobody would have ever heard of them, and they wouldn't be talking about their escapades either.
Si tacuisses philosophus mansisses. If you had kept quiet, you would have remained a philosopher.
First, in the spirit of full disclosure: I know Raven. I know her well enough to be thoroughly impressed by her and her competency. By "thoroughly impressed" I mean "vaguely intimidated", too, and you know, that's not a bad thing to feel. Gives me an incentive to work that much harder. Competition is good.
Reading this thread so far has led me to dismay. What thread dominates? Something that's so crude that it ought to be beneath our dignity to respond, even to condemn it. A few people have jumped on the trolls, modding them down into oblivion or responding to them.
Here's a question: why? All it's doing is giving the trolls publicity. All it's doing is making people think that gender is an issue, because if it wasn't an issue, why would such a firestorm exist? If it wasn't an issue, why wouldn't the trolls just get modded into oblivion and go ignored, like the GNAA trolls?
If you want to make a statement, if you want to condemn the immature and third-grade behavior of the trolls, if you want to say "look, I for one welcome competent people and I don't give a damn what plumbing they've got", the best response is not to jump on the troll bandwagon and respond to them.
Mod them into oblivion, and let them be forgotten.
They are nothing. For nothing, let there be nothing.
If you want to make a statement, if you want to make a stand, if you want to say "look, I have no clue who this woman is, but frankly I'm appalled by some of the behavior here"... well, hey. Respond to this thread. Mod up responses in this thread. Let's take the publicity away from the trolls and put it to productive use. Let's see if we can't get a few dozen Slashdotters to make a positive stand instead of going around and giving the trolls what they want--furor.
It's really nice to know that whatever I can do technically, that it's my cup size that really matters.
You're getting shocked by immature comments on slashdot? Is this your first time here?by raven_alder (772810)
Oh...I guess it is.
P.S. Proud to be unfairly discriminating on the basis of userid, not cup size.
Sounds like a bad chapter from the Acro-nomicon: The Book of the Semantic...
The semantics arguments are just as tired...
LosT
"We are the music makers, and we are the dreamers of dreams."
All feminists don't necessarily agree... just like "hacker" can have a whole bunch of different connotations, so can "feminist". And, like many other minority groups, we are often known by our extremists. I think that makes it all the more important for those of us who *aren't* extremists to use the term rather than abandon it.
For clarity's sake, I am a feminist in the "I believe in equal rights" way, not the "I believe in special treatment" way. I do not believe in or condone banning books. (Indeed, my car has a "Read banned books" sticker on it.) And you can see my take on feminism and porn, as relevant to your linked Foucaultian debate, right on my site. [grin] So, I suspect that we largely agree. Thanks for a thoughtful and intelligent comment. It's refreshing.
And don't care what gender the person is. A wannabe guru "h4x0r" is a total fruitbag luser. It's that simple. If he/she was truly skilled, he/she wouldn't be hoping to get publicity from the sucker-media. He/she would be EARNING it with true ability. Hacking is easy. Another poster has already pointed out that hacking/cracking/whateverthefuck is like breaking into houses: any scumbag can do it, but it doesn't change the fact that you are still just a scumbag, no matter how good you are at it, because ANYBODY can break into shit with the help of some cracking-by-numbers VB toolkit.
If you know how to break into a room, you can help people to shut the door. Most security folk are ex-hackers. It seems like Raven is in that catagory. Not that I know much about her outside of the article.
___
It's the end of my comment as I know it and I feel fine.
Admittedly, my only experience working with her was spending three days on the same team as her during last year's capture-the-flag contest at defcon, but it was pretty clear that she's very good at what she does.
The kind of stuff she does is far above and beyond the sort of "easy pickings" you're imagining.
Don't project your own script-kiddyness onto people actually have skills.
It's really nice to know that whatever I can do technically, that it's my cup size that really matters.
I sympathise, knowing as I do that women never joke about male bodyparts.
I'm 28.
I'm 38. That doesn't matter either.
I do backbone security, incident response, vulnerability assessment, and pen-testing. I work in varying capacities with Nessus, Snort, and the Open Source Vulnerability Database.
Whoopee. You must be so proud. The rest of us are scratching our heads, and wondering how to open the box our Packard-Bell was just delivered in.
Honey, if you have to tell people how great you are, you're not great.
And fuck you.
No thanks, I married somebody much classier than you. But hey, thanks for the offer!
Okay, so you don't want to specialize at the moment. Fair enough. I am assuming that your wanting to understand "how things work" is programming in general and not security programming/code audit?
In short, find something that you are interested in and take it apart. [grin] You don't necessarily have to follow a structured academic program to become proficient in a field, whether your intent is to make it your hobby or to make it your profession. My academic background is entirely not in CS, and though I have many friends in CS academia, what they do can be very different indeed from what I do day to day. I learned mostly by experimentation and research on things that I was interested in.
So, find something that you like. Look at the source code, if it's available. Try to figure out what does what. Change things around, and see if you can make it better. One of the best ways to learn for many people is by doing. If you don't know what needs doing, volunteer for a project that is already established and is looking for people. Open Source is so helpful this way -- it feeds your resume *and* helps the community.
My first programming language was Perl. I was told by many geeks that this was a bad choice -- it would give me bad habits if I ever wanted to move to a language with a more rigorous structure. They were right, but it was both a good and bad thing. When I started doing C, and in particular when I started poking at kernel code, I had a lot of extra learning to do. But Perl was still a good way for me to start, because when I started programming I wanted to do quick scripting, not kernel hacking, and the flexibility of Perl was great for me.
Far from my first time here, but the first time I bothered to get a login, yes. [grin] I knew someone was going to bust my chops for that.
And no, I wasn't shocked by the immature comments, but I gave the trolls one reply. Why? I'm not interested in an extensive flamewar, but a lot of women just shut up and look uncomfortable when stupid sexist bullshit happens. So, that was my token protest. I'm not intending on feeding them any more, and I doubt I changed any of their minds, but I probably made a few lurking women feel better.
So when do we get to see some articles on the people that really do matter?
Why is it that programmers get no love? What about the programmers who have changed/influenced culture within the last decade in gaming, corporate, or home use.
*tear* all people want to do is tear our software down and praise the people that do it *tear*
Oh and also lose the name Raven (assuming that's a nickname). Is there something wrong or disturbing or embarrasing about your *shock* real name?
That's a very good point, Anonymous.
Part of the problem is how the term "cracker" gets defined. Do I know people who've cracked systems? Yep. Do I know people who've cracked systems they didn't own and didn't have permission to crack? Yep. Did these people always have solid ethical reasons for it? Yep. For instance, RMS has cracked systems several times, and each time with solid ethical reasons for it. I wouldn't call RMS a cracker.
But people who've done these things for less than ethical reasons? No, I haven't met one single person in the industry with that sort of background who's taken in any way seriously.
Admittedly, I don't know the entire backgrounds of every single person I've met. But all the reputable people I've met have been unanimous in this opinion: if in the past someone's decided to disregard all social law and ethical concerns, there's absolutely no reason to suspect that they're now walking the straight and narrow.
The security field runs on integrity. If you don't have integrity, you've got absolutely nothing. Anyone who hires a security geek whose integrity is blemished is making critical gambles with their essential infrastructure.
Today in Internet Kindergarten we learn that what a link says and where the link goes are NOT THE SAME THING.