Hackers: Under The Hood
jyre writes "ZDNet Australia has a special report that profiles and interviews five hackers over the next five days. Day 1: Raven Alder's page is up now (inludes photos). Day 2 will be Attrion.org creator, Jericho. Day 3: Adrian Lamo. Day 4: Kevin Mitnick and Day 5: L0phtCrack creator, Mudge."
I love attrion.org! It's the best way to start my day, opening the old browser and surfing on over to attrion! First on my list of things to do in the morning!
:)
Mods don't hurt me
Flying Jesus!
The total amount I care about self-proclaimed "H4xx04s?"
0.
This is to be expected from a mainstream publication that intends to present "hacking" in a mainstream light. I say, read at your own risk.
dude, that's her first grade photo.
But are they going to define hacker? Are people going to see this as a bunch of articles about some scum who break into computers, or are they going to see a bunch of articles about people who have an intimate knowledge of computers? Either the meaning of the word hacker needs to change, or another word for the computer savvy needs to be found.
more high profile 'hackers' explaining their driving influences. Raven Alder bashing script kiddies and suggesting that users learn how to use their toys is a good way to start. I wouldn't argue for a second with a girl that is as cute as Bjork and could audit my security.
"Lame" - Galaxar
Mmmmm... L0pht password cracker. *urgh!* "Me use brute force!" *urgh!*
I'm actually surprised there have not been more television biographies on hackers. It seems A&E Biographies, Discovery Channel, Learning Channel etc. would want to tell these stories.
www.reeddavid.com
You like looking at the IE error page? Weirdo ;P
Everyone should know that it is ATTRITION.org, anyhow (and, at least, the link is correct).
Self-styled 1337 h4x0rs aren't particularly skilled with computers. They just do stupid shit that other more mature computer users won't waste their time on.
If I was a loser I could burgle houses if I chose to. It's not exactly difficult. Even the rich neighborhoods would be easy pickings. I'm sure I could break into many places before I got caught. But I'd still be a loser.
So why are the computerland equivalent of dirty little sneak thieves constantly being feted as heroes and geniuses all the damn time?
I hate movies like 'Hackers' which give zit-faced teenage virgins the idea that they'll get to screw Angelina Jolie if only they could be 1337...
Raven's my coworker. Quite techincally, she rocks. and oh, that tit size comment? ... (a direct quote)
"Fuck you ".
And yes, she's talking about You
da w00t. mtfnpy?
There's nothing at attrion.org. Unless you typo'd the typo back to attrition.org, which is what it's supposed to be...
You obviously haven't ever met any really ugly women. Trust me, they get a lot worse than that. Think Jean Teasdale from The Onion.
That's about the most perfect example of what she's talking about anybody could have come up with...
Yeah alright, they had a defacement archive back in the day, they're dried out now. What have they done since then and really what good was the defacement archive? All it really did was encourage defacements.
The other guys have either shown skill, or created something. And lets shut up about "cracker v.s hacker" BS. Hacking is a SKILL SET, you can define black hat, grey hat, white hat from there if you want. Just because someone breaks the law doesn't mean they aren't a good "hacker" and are suddenly a "cracker".
Also remember not all intruders are "dumb kiddies" there takes skill in a real intrusion even if you are using pre-canned exploits. There is a hacking mindset to getting into places. Its the same mindset used in writing unique code, among other things. Its not all dotslash. Thats like saying U.S Special Forces are 'kiddies' since all they do is a pull a trigger. Wrong.
So tired of these people ranting and raving about 'cracking'. Get your head out of your asses and get off the bandwagon.
Theres one more below it
If you aren't computer-ignorant. But the media are computer-ignorant, and are happy to stay that way.
A few years ago a major New Zealand ISP was "hacked" -- or so the media said. The biggest talkshow host of the time interviewed the alleged "h4x0r" live, and proclaimed him to be a "computer genius". We were all in deadly and imminent danger of being hacked by guys like him he said.
The "hacker" in question was a 13 year old whose friend's older brother worked for the ISP. The older brother had stupidly given his staff login and password to his kid brother, who had, naturally, shared it with his friend, the "genius hacker". This friend then logged in and deleted a bunch of hosted websites. Pretty frikken 1337, huh?
Take the little assholes out and beat them with wet towels, then make them parade naked through the streets. A fit punishment for such computer Uber-Gurus.
Hi. It's really nice to know that whatever I can do technically, that it's my cup size that really matters. I'm 28. I do backbone security, incident response, vulnerability assessment, and pen-testing. I work in varying capacities with Nessus, Snort, and the Open Source Vulnerability Database. And fuck you. http://www.oneeyedcrow.net/securitygeekfemme.html
If they were really oh so 1337, nobody would have ever heard of them, and they wouldn't be talking about their escapades either.
Si tacuisses philosophus mansisses. If you had kept quiet, you would have remained a philosopher.
At least they didn't regress to the "nice boots" comment you're likely to get at the local g0th club-
LosT
"We are the music makers, and we are the dreamers of dreams."
CHAI TEA!?
The above is not specially a troll :
I remember a Slashdot story featuring a list of hackers including Richard Stallman, Eric Raymond, Woz, etc.
According to rms, a Hacker is a "bidouilleur", now, the ones which you mention in this very story are more on "the dark side" (like it or not, Mitnick was convicted because of criminal activities).
So, would you mind specifying which kind of hackers you refer to ?
(Otherwise you'll let people get confused whether a hacker is good or not)
Trolling using another account since 2005.
Feel free to be a self-admitted feminist, but realise that the likes of that group are responsible for banned books in Canada.
Through its decision in the Butler vs. Her Majesty case, the Supreme Court of Canada adopted Catherine MacKinnon's definition of obscenity nearly word for word into Canadian law. This 1992 court decision -- which was vigorously championed by most feminists in Canada and the US -- allows Canadian customs to seize what it judges to be pornography at the border as the material is being imported. In reaching the Butler decision, the Supreme Court acknowledged that it was violating freedom of speech, but it deemed the possible harm that pornography could inflict on women to be of greater legal significance.
Unlike others I generally prefer to keep my opinions of a woman's body to myself. However, I definately can't support any set of ideals that requires mass censorship. I believe that makes me anti-feminist, but moderate.
You, on the other hand, may not be a feminist at all, at least according to that article, although you choose to identify with them.
Pardon me if I came on a bit strong there, but when a select minority-by-choice of people can, at a whim, introduce sweeping censorship laws I get really pissed off.
If you are asking for a change from society's old views of yourself, you might want to avoid clothing yourself in a devil's cloak. In short: Choose a better term than "feminist". I don't believe you are one, and the term carries far too much misandrist baggage for you to be taken seriously.
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
In addition to that I dont think that you understand the meaning of sexism, slashdotters will bash both men and woman alike did you see the fat guy in the TRON costume!?
First, in the spirit of full disclosure: I know Raven. I know her well enough to be thoroughly impressed by her and her competency. By "thoroughly impressed" I mean "vaguely intimidated", too, and you know, that's not a bad thing to feel. Gives me an incentive to work that much harder. Competition is good.
Reading this thread so far has led me to dismay. What thread dominates? Something that's so crude that it ought to be beneath our dignity to respond, even to condemn it. A few people have jumped on the trolls, modding them down into oblivion or responding to them.
Here's a question: why? All it's doing is giving the trolls publicity. All it's doing is making people think that gender is an issue, because if it wasn't an issue, why would such a firestorm exist? If it wasn't an issue, why wouldn't the trolls just get modded into oblivion and go ignored, like the GNAA trolls?
If you want to make a statement, if you want to condemn the immature and third-grade behavior of the trolls, if you want to say "look, I for one welcome competent people and I don't give a damn what plumbing they've got", the best response is not to jump on the troll bandwagon and respond to them.
Mod them into oblivion, and let them be forgotten.
They are nothing. For nothing, let there be nothing.
If you want to make a statement, if you want to make a stand, if you want to say "look, I have no clue who this woman is, but frankly I'm appalled by some of the behavior here"... well, hey. Respond to this thread. Mod up responses in this thread. Let's take the publicity away from the trolls and put it to productive use. Let's see if we can't get a few dozen Slashdotters to make a positive stand instead of going around and giving the trolls what they want--furor.
It's really nice to know that whatever I can do technically, that it's my cup size that really matters.
You're getting shocked by immature comments on slashdot? Is this your first time here?by raven_alder (772810)
Oh...I guess it is.
P.S. Proud to be unfairly discriminating on the basis of userid, not cup size.
Sounds like a bad chapter from the Acro-nomicon: The Book of the Semantic...
The semantics arguments are just as tired...
LosT
"We are the music makers, and we are the dreamers of dreams."
All feminists don't necessarily agree... just like "hacker" can have a whole bunch of different connotations, so can "feminist". And, like many other minority groups, we are often known by our extremists. I think that makes it all the more important for those of us who *aren't* extremists to use the term rather than abandon it.
For clarity's sake, I am a feminist in the "I believe in equal rights" way, not the "I believe in special treatment" way. I do not believe in or condone banning books. (Indeed, my car has a "Read banned books" sticker on it.) And you can see my take on feminism and porn, as relevant to your linked Foucaultian debate, right on my site. [grin] So, I suspect that we largely agree. Thanks for a thoughtful and intelligent comment. It's refreshing.
Amen, if the labels that are all to often used don't have some sort of built in personal-recursional-definition, we will eventually run out of labels/words/titles all together, for fear of misuse/misunderstanding...
The use of *isms isn't static, it's dynamic- more of a guideline title than a means of defining one's self...I've never met two feminists with even 80% matching world views/belief systems...
LosT
"We are the music makers, and we are the dreamers of dreams."
hacker n. [originally, someone who makes furniture with an axe] 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. 2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming. 3. A person capable of appreciating hack value. 4. A person who is good at programming quickly. 5. An expert at a particular program, or one who frequently does work using it or on it; as in `a Unix hacker'. (Definitions 1 through 5 are correlated, and people who fit them congregate.) 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example. 7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations. 8. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. Hence `password hacker', `network hacker'. The correct term for this sense is cracker.
All those moments will be lost in time, like tears in rain.
and available here
And don't care what gender the person is. A wannabe guru "h4x0r" is a total fruitbag luser. It's that simple. If he/she was truly skilled, he/she wouldn't be hoping to get publicity from the sucker-media. He/she would be EARNING it with true ability. Hacking is easy. Another poster has already pointed out that hacking/cracking/whateverthefuck is like breaking into houses: any scumbag can do it, but it doesn't change the fact that you are still just a scumbag, no matter how good you are at it, because ANYBODY can break into shit with the help of some cracking-by-numbers VB toolkit.
I noticed that in the article you gave some suggestions for what people should learn about.. I'm not nearly advanced enough to delve into any of that, though. I'm not as interested right now in security (just because I don't have the knowledge to approach it at the moment) but I am interested in learning more in general.
;) - perhaps because I'm much better with projects than tests, and the classes I took were centered mostly around tests. I'm still interested in learning more about programming and "how things work" in general, however.
I tried studying CS at my university and found it didn't interest me as much as it did when I studied it on my own (hence my becoming a sociology major
Do you have any suggestions for studying on my own? Would it be best to learn one programming language very well and then apply it to others, or is there a better approach? (One of the things I found frustrating in classes was learning a new language in every class I took, when I don't know any language well at all.) What advice can you give someone who would like to learn more, but doesn't do as well in a traditional CS/EECS/etc academic environment - books, good websites, anything? You also said that you were studying "an unrelated field," so I was curious as to how you went about learning more..
(Personally, I know little bits of C, C++, Python, Perl, and Java, but not enough to do anything significant in any of those.. I also have written a few little shell scripts that don't do much. Otherwise, I'm pretty clueless - but I'd really like to increase my knowledge.)
Thank you in advance to Raven and/or anyone else who gives me some advice.
If you know how to break into a room, you can help people to shut the door. Most security folk are ex-hackers. It seems like Raven is in that catagory. Not that I know much about her outside of the article.
___
It's the end of my comment as I know it and I feel fine.
Admittedly, my only experience working with her was spending three days on the same team as her during last year's capture-the-flag contest at defcon, but it was pretty clear that she's very good at what she does.
The kind of stuff she does is far above and beyond the sort of "easy pickings" you're imagining.
Don't project your own script-kiddyness onto people actually have skills.
Seems like it would have gotten some attention, seeing how hackers are held in a very polar light, depending on the viewer.
If it's any help, that'd probably be defined as 'liberal feminist' if it helps, though you probably knew that if you know foucault... went to school with a bunch of women's studies majors. By the end of college, we had what was called the 'western accent' (we were in the Western College Program at MU). People in the Western program... spoke... with... great ...deliberation... because... every ... word... had ... meaning. *gah*
___
It's the end of my comment as I know it and I feel fine.
Reading the article, I found absolutely nothing to indicate Raven's past is anything less than aboveboard. She has pretty much the same skillset I do (albeit she's better than me in a few areas). I came by my skillset via purely ethical means, so until and unless I get evidence otherwise, I'm going to assume the same holds true for how she got her skills.
It's really nice to know that whatever I can do technically, that it's my cup size that really matters.
I sympathise, knowing as I do that women never joke about male bodyparts.
I'm 28.
I'm 38. That doesn't matter either.
I do backbone security, incident response, vulnerability assessment, and pen-testing. I work in varying capacities with Nessus, Snort, and the Open Source Vulnerability Database.
Whoopee. You must be so proud. The rest of us are scratching our heads, and wondering how to open the box our Packard-Bell was just delivered in.
Honey, if you have to tell people how great you are, you're not great.
And fuck you.
No thanks, I married somebody much classier than you. But hey, thanks for the offer!
Are you really that dense?
Who do you think tests the security of things like car alarms and bank computers to try to make them better and more secure?
People who are really good at breaking past existing security systems.
People like Raven.
You have to think like a car-thief in order to make a better car security system, but that doesn't make you one.
books, books, books! At least, that's the way I like to learn these things. I found 'Unix Shell Programming' by Kochan & Wood was both a good way to learn shell scripting and programming techniques more generally.
I should point out that I'm in a similar boat, poking my way through programming at my own slow pace, and that I have a very, very long way to go. Nevertheless, I've found that working in one easy(ish) language at a time based on books like the one above or even O'Reilly's 'Learning $Language' series has been very effective. Stick with python is my advice, it's simple, object-oriented (if you want it to be!) and very powerful.
Real stupidity beats artificial intelligence every time.
-- Terry Pratchett, Hogfather
Very true! Application is the key. A widely acknowledged idea in linguistics is that motivation is the key to learning a new (natural, ie human) language; I suspect that a very similar process goes on with computer languages. Fair enough too, there's only so much 'foo' and 'wibble' that anyone can take. Although, if it's Python, at least the Flying Circus references can keep you amused for a while...
Personally, I found that playing with computational linguistics, natural language processing and the like were the keys to really understanding 'the fundamentals', as it allowed me to connect my degree in linguistics with my self-taught computer skills.
Also, try reading "Goedel, Escher, Bach: An Eternal Golden Braid", by Douglas Hofstadter. It's mind-expanding in many ways.
Real stupidity beats artificial intelligence every time.
-- Terry Pratchett, Hogfather
They are children. They just do it to get attention. Don't waste your time.
Okay, so you don't want to specialize at the moment. Fair enough. I am assuming that your wanting to understand "how things work" is programming in general and not security programming/code audit?
In short, find something that you are interested in and take it apart. [grin] You don't necessarily have to follow a structured academic program to become proficient in a field, whether your intent is to make it your hobby or to make it your profession. My academic background is entirely not in CS, and though I have many friends in CS academia, what they do can be very different indeed from what I do day to day. I learned mostly by experimentation and research on things that I was interested in.
So, find something that you like. Look at the source code, if it's available. Try to figure out what does what. Change things around, and see if you can make it better. One of the best ways to learn for many people is by doing. If you don't know what needs doing, volunteer for a project that is already established and is looking for people. Open Source is so helpful this way -- it feeds your resume *and* helps the community.
My first programming language was Perl. I was told by many geeks that this was a bad choice -- it would give me bad habits if I ever wanted to move to a language with a more rigorous structure. They were right, but it was both a good and bad thing. When I started doing C, and in particular when I started poking at kernel code, I had a lot of extra learning to do. But Perl was still a good way for me to start, because when I started programming I wanted to do quick scripting, not kernel hacking, and the flexibility of Perl was great for me.
You're getting shocked by immature comments on slashdot? Is this your first time here?
Did you actually read the article that Raven wrote and linked to? It was quite insightful...
Far from my first time here, but the first time I bothered to get a login, yes. [grin] I knew someone was going to bust my chops for that.
And no, I wasn't shocked by the immature comments, but I gave the trolls one reply. Why? I'm not interested in an extensive flamewar, but a lot of women just shut up and look uncomfortable when stupid sexist bullshit happens. So, that was my token protest. I'm not intending on feeding them any more, and I doubt I changed any of their minds, but I probably made a few lurking women feel better.
What and miss out on the current hair style that david beckham has ???? or the fact that he has (or has not) been doing his pa.
I remember, back when I lived in the DC area several years ago, I went to the wedding of an aquaintence of mine (a friend of my friend Cat). She was this girl who was just learning C and invited me to be part of her CCNA study group. Being in the middle of one the most antisocial periods of my life, I just kind of dropped off the face of the earth (and eventually moved to Seattle). Now I see articles about her on slashdot. Raven, if you remember this long haired, antisocial, larval stage techie named Joe, drop me a message.
Use ISO 8601 dates [YYYY-MM-DD]
From the article: Gender is a non-issue... If there's one thing [Raven] hates, it's being type-cast as a "chick hacker".
What a fantastic way to start off an interview: with something the interviewee doesn't consider in any way important! Do these people actually objectively read what they write?
Obligatory Python reference: "And did you write this music in the sheds?"
I never said you had to be a thief. Many computer security professionals (like Raven, for example) were never blackhats.
But you do have to be able to think a lot more creatively and deviously than a normal programmer if you're going to be good at this stuff. There's a lot more to computer security than brute-force or kiddy-scripts.
I think you're getting hung up on the "hacker" term. How about "computer security researcher" instead?
I don't get why someone that's intelligent would reply to such a post. The article mentioned you're sensitive on the "chick hacker" topic, but is it such a reflex to respond to trolls and ignorant people when there are things more worth your time?
Since you talk about this on your webpage, I'll write my opinions here. It's greatly unfortunate the chauvinism in computer science/engineering and the world in general. And while I'm sure that has impact on women entering the field, I think that's minor compared to other cultural factors.
Rates in grad school are probably a little different from undergrad and this is only one case, but let's look at my school. In the CSE department, only 26 out of 146 students are female (18%). Most statistics I've seen hover around 20% (for graduate and undergraduate engineering in general). Here, 65% of the grad students are foreign. While the US men hold at 38%, only 19% of the female are from the US. While China and India "only" account for 53% of the men, they account for 69% of the women. While China and India's percentages of women are still low (31% and 23%, respectively), it's much better than the rest (10%).
So either many women aren't finding this intersting, they find it too difficult, or there are cultural issues involved (or mixtures). So is the government (and society in general) not taking steps we should be? If so, what are they? The same can be said regarding male teachers.
Kids are already being told to fear math and science and find it difficult and boring, what other social factors need to be addressed to change what's being told to the girls? While chauvinism is a factor (and should be addressed just because it's wrong), I think there are many other issues (many of which I don't know) that need to be addressed before we can see any dent in the percentages. I mean, recent statistics (going on memory from 60 Minutes report) show girls getting better grades than boys in high schools and the majority of students at MSU are girls. So it's beyond just stressing education.
Generalities and stereotypes can be used very negatively, but at the same time, they are often indicative of something and they should be studied and learned from. Some believe they already know or don't care, however, too many people consider the issues too sensitive to even discuss. It's generally accepted that physically, top female athletes in many sports cannot compete with the top men. Our physiologies are different enough that men have the advantage and we know enough to explain much of that.
But what are the reasons for male to female ratios in top chess players and other mental/educational disciplines? Why do certain racial and ethnic groups score much higher than others in SAT and other standardized tests? How come Jews around the world (with a smaller population than my home country of Nepal, around 13 million to 26 million) hold more wealth, influence and power despite being persecuted almost everywhere they go?
However, the main people really "thinking" about these issues are male chauvinists, extreme feminists, racist bigots and anti-semitists/Islamic fundamentalists. That's not a good sign...
Anyhow, good job in the interview and I thought your answers were well said. Good luck on improving computer security and raising awareness of security. And good luck on changing the atmosphere of chauvinism (of course I'll do my part).
In times like these, it is helpful to remember that there have always been times like these. - Paul Harvey
Just to give a specific place to start if one is interested about network hacking, or whatever you want to call it:
First, know what is a bit, byte, word, doubleword. What is big-endian and little-endian. What is a stack. How does a processor work in general.
Then, buy "TCP/IP Illustrated, Volume 2". Read it through once.
Write a simple pcap based IDS to detect normal half-open portscan (syn-scan).
Now, write improve on your IDS to give no false positives on a server with undefined amount of undefined services.
Use the book you bought as a reference.
At this point, you should understand networks enough not to write bad networking code yourself, and perhaps detect such mistakes from source code.
Most likely you now know more about your chosen programming language too.
And as Raven said. Take stuff apart. Get a disassembler. If you'r on windows, I recommend IDA Pro. It ain't free, but damn its good.
Ps. I have never written any 'sploits nor disclosed vulnerabilities. I see potentially vulnerable code daily, but I have too short attention span myself to actually prove it.
Bot Assisted Blogging
When did women become a minority? Deserve equal rights - yes. Deserve right to be seen for who you are and not what you are - yes. Last I read 51% of the population was female - some minority.
Dudette, never under estimate the importance of allure. A bloke might be involved in technically challenging work too, but seldom is he also appreciated for the size of his saggy-man-breasts.
Didn't she just say she objected to comments about her...oh..."boots"...nm.
We all know hackers are physically unfit males aged 13-19 with pasty faces and no social skills. :o)
Hopefully this whole series will give the "mainstream" a kick in the sternum by challenging their pre-conceptions about 'hackers'. They've certainly picked a great opener.
I think you mean ex-crackers. Don't make me sic RMS on you...
She looks like an older version of Drew Barrymore.
I wanna see what there gonna write about Lamo and Mitnick.
$>man woman
$>Segmentation fault (core dumped)
So when do we get to see some articles on the people that really do matter?
Why is it that programmers get no love? What about the programmers who have changed/influenced culture within the last decade in gaming, corporate, or home use.
*tear* all people want to do is tear our software down and praise the people that do it *tear*
Resume link in the menu of http://www.oneeyedcrow.net/ is broken, but the one in the body of your About Me page is just dandy. :o)
A much underrated term for these hacker, computer savvy, geek types!
-nerd
All speling, factual, tact, and/or grametical errers be the result of netwerk interpherance or# transmition ererrs.
Watch the film Gone In 60 Seconds, with Nicholas Cage. It actually deals with the analogy you raise here. On the one hand you have Memphis, a highly skilled car thief with a passion for cars. There are practically no cars that he can't steal, and he steals them because he just loves cars and driving them (during the timeframe of the film he is stealing them to save his kid brother).
:)
On the other hand you have your dumb car thief. In the actual film someone pulls a gun on the big black guy (character name escapes me) who is driving with the window open. He sums it up with the words 'Anyone can pull a gun on somebody' (after he takes out the wannabe carjacker).
Stealing cars is legally and morally wrong, in both of the situations above. It's just that at least Nick Cage put in the time and effort to steal something because it meant something to him. Transfer this analogy to the computer world - script kiddies versus 'skilled hackers'.
I wouldn't want someone to break into my house, but if i had the choice between coming home to find a window smashed, glass all over the floor,graffiti on the wall and all my stuff gone compared to finding the Chubb bolt has been surgically removed from the door and a note saying 'Thanks for the Ming Vase', there'd be at least a slither of admiration for the 'skilled criminal', even though I'd want him arrested and that at the end of the day he's still a thief. People who are good at what they do, whether it's for good or for evil, will always be more respected than the crude, lazy fuckers who try and copy them. A lot of people think of Hitler as a good leader (come on, he was), even though he committed such atrocities.
Note that I'm not actually disagreeing with you, in a perfect world we'd not have to choose the lesser of two evils
Mother, do you think they'll like this sig?
Interview who?
Got time? Spend some of it coding or testing
Actually Security professional is the new catch phrase for hacker. It can't be twisted into meaning criminal because these individuals learn, practice and use their skillset on closed systems or on systems they are paid to penetrate.
Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
But if you lose your keys and you don't have a backup set stashed anywhere, your next step will be to call a professional thief^H^H^H^H^HLocksmith to break into your house and re-key those locks for you.
Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
Sorry, but I can rememeber people using the words crack, cracking and cracker 15 years ago, long before I'd ever heard of ESR. To hack a piece of code is also an old term for coding. Perhaps you should get your facts straight.
Ummm, No. You are confused. The Whacked Mac Archives which was run by the L0pht was run on a Mac SE for a short time. The actuall L0pht website started out on a Sun box originally (Sparc5 I think) before it was moved to a generic Pentium box with a clock crystal from a video card making it run at something like 137.5MHz with OpenBSD.
When the WMA was on an MacSE everything went through a 128K dialup ISDN line. Needless to say the computer was not the bottleneck. The WMA eventually moved to a Mac IIci and then to a Quadra 610 and finally resided on a 6100.
If your looking for a trip down memory lane you can still visit the mothballed WMA just without the files. Two risky to host the files these days not to mention bandwidth costs.
- Space Rogue
I work in the security industry (okay, so right now I'm on hiatus from the security industry while I finish my Master's, focusing in security) and I've yet to meet one single reputable ex-cracker.
I highly doubt that.
Perhaps you only know one person who admits to doing enough that you would call them a cracker, but I bet you know of a few more people that have at least done something akin to cracking, and probably a whole bunch more who've decided it would be better to never mention anything like that in their past, despite having done it.
Reading the article, I found absolutely nothing to indicate Raven's past is anything less than aboveboard.
I certainly wouldn't claim to know any specfic person's past , but who DIDN'T have a trick or two up their sleeve in college?
I'm not saying something as serious as changing their grades, but little things that they knew they weren't supposed to be doing, but did anyways.
Life is too short to proofread.
"Excuse me, miss Alder, its the 90's on the phone, and they'd like they're [grin] tags back."
Now, I have a question that is partly in jest and partly in which I would really like to know the answer. If you started programming in Perl, how on earth did you ever stay interested in programming? I'm a "learn by example" when it comes to new languages, but unless I'm sitting next to an O'Reilly book, there isn't an example in the world that makes sense to me.
Did you ever find the "new" slogan for perl - "There's more than one way to do it, but they're all wrong." ??
You don't have to reply, its all good.
Ignore the "p2p is theft" trolls, they're just uninformed
But that doesn't make it any less a losing battle. Arguing on the Internet, Special Olympics, driving a point through the thick layer of bone shielding the miniscule forebrain, etc.
But your boots are unspeakably awesome.
-Carolyn
Like Daddy always said: if you can't dazzle 'em with brilliance, baffle 'em with bullshit.
I don't know about any of you... but an intelligent, hot chick, who can kick my ass while drinking chai... that's my kind of woman.
Why worry? Each of us is wearing an unlicensed "nucular" accelerator on his back.
Sig changed for readability by G.W.
Oh and also lose the name Raven (assuming that's a nickname). Is there something wrong or disturbing or embarrasing about your *shock* real name?
That's a very good point, Anonymous.
lame article. flat. non-inspired. they talk about exactly the things she doesn't like people to talk about. and "in her spare time, she downs chai while arguing philosophy with friends." i mean, i guess all of our lives are like this, but why trivialize? anyway, i could've done much better.
All feminists don't necessarily agree... just like "hacker" can have a whole bunch of different connotations, so can "feminist".
Yep. I believe in "equal rights" but I would never call myself a feminist.
I think egalitarian is a much better term to use, and much less likely to come back to haunt you.
The term feminist, is irrevocably assosciated with a social movement that has not always displayed the best behavior.
"A woman reading Playboy feels a little like a Jew reading a Nazi manual." -Gloria Steinem
And, like many other minority groups, we are often known by our extremists.
It's also worth noting that women are NOT a minority group.
I think that makes it all the more important for those of us who *aren't* extremists to use the term rather than abandon it.
I think it would be more important to examine the beliefs of those who created and defined the term and decide if you agree with them. Even the less extreme feminists, like Steinem have opinions that you might not agree with. Like this tidbit:
"I've yet to be on a campus where most women weren't worrying about some aspect of combining marriage, children, and a career. I've yet to find one where many men were worrying about the same thing." -Gloria Steinem
Forgive me if I actually respect a mother who raises her own child.
Life is too short to proofread.
My wife and I were in Butler, PA about 2-3 years ago to consult a doctor. We arrived early, and decided to wander around a bit and grab a bite to eat.
So, we walked by a storefront with a sign on it that said "Attrition". I glanced in the windows, saw a bunch of hardware, and took a few more steps before I realized "Hey... I *know* who that is!" I went back and poped in with my daughter, just to say hi. Gist of the conversation:
What really registered with me was that here was a fairly well-known web site, being run out of Butler, of all places. No need to live in NY, LA, Chicago, Boston, or any of those other urban sprawls... just find a nice town, get yourself a net connection, and you're in business.
"Great men are not always wise: neither do the aged understand judgement." Job 32:9
Last month I had the privelage of watching a small hacking competition as part of a larger defense contractors conference. (Southeastern Software Engineering Conference). The had a small network set up to simulate a corporate network and teams attempting to attack it. The team that did the best was a red team from Northropp Grumman (which someone said won the Defcon capture-the-flag competition though I never looked it up).
The thing is, their strategy seemed to be to map the network, then run pre-packaged attacks appropriate for the specific device, then install a backdoor and repeat launching off of the machine they'd taken. Security experts in all their interviews repeatedly state that it is undesirable to do this, (ie, use previously written code for the bulk of their pen testing/attacks). Is there a disconnect between what security experts say and what they actually do?
(I do want to add that the team that won was very impressive, taking about a box an hour through the 6ish hours the contest was run. There was a very small time frame which might have necessitated the canned attacks. But the network was representative with at least 1 dedicated firewall, IDS, and honeypot and computers running windows, linux, and solaris. All with reasonable patching.)
I do security
Comment removed based on user account deletion
For Adrian Lamo, the so-called "homeless hacker", there was no turning back after discovering how to make both sides of a 5.25in floppy disk writable at the tender age of eight.
Uh... Who didn't figure that one out the second they saw the notch cut into one side of the floppy? After all "double-sided" is a dead giveaway. It's a pretty logical conclusion to come to, especially since mini-casette record-protect tabs work on the same principle. I guess this makes me and all my friends "hackers", because not only did we figure this out, but we already had modded hardware and programs for breaking copy-protection and copying disks by that age.
Raven went to Virginia Tech :-) Let's go Hokies! Even castrated turkies can be hackers, too. *gobble gooble*
What's he gonna do. Hack me? :p
... crackers... backpackers... words mean what I want them to. *grin*
Hackers
___
It's the end of my comment as I know it and I feel fine.
I would like to sincerely apologize in the name of the entire Slashdot community, most of which sadly consists of people not only utterly infantile but also insultingly unintelligent, as I am sure you have already noticed. I can assure you that even though I personally find you very attractive, I will avoid commenting your undoubtedly exceptional beauty nonetheless, for I am myself hardly sexiest by any stretch of imagination. Let us therefore go straight to the meritum and talk about one thing that really matters, i.e. software.
That is very impressive indeed. It is certainly inspiring to hear that someone of your intelligence, skills and experience chooses to work with free software tools. I would be very interested what is your operating system of choice and what do you think about Debian GNU/Hurd, Keykos, EROS and OpenBSD, as a general operating system design as well as the security implications thereof. I look forward to read more of your texts on Slashdot from now on.
Please don't lower your high standards to match those poor simpletons (or "trolls" if you will) who seem to enjoy shamefully insulting any woman which is much smarter than them. They just sicken me. You will see that surprisingly high percentage of Slashdot users could be described as nothing more but a room-temperature IQ crowd. In fact, it is surprising that those illiterate imbeciles can even write.
The idea that Slashdot is an "elite" of any kind is simply laughable in its naïvete. I can only suggest you to ignore all of those foolish morons, for they don't deserve any of your attention whatsoever. Clicking on the circle next to the username you can mark any user as a friend or foe, and set positive bonus for friends and negative for foes in the People Modifier section of your Comments Preferences page.
Going back on topic, I have one more question: Could you tell us how did you do it that all of your posts are rated as Score:5, Insightful or at least Score:5, Interesting? I find it very intriguing. Have you found a vulnerabilty in the Slashcode itself? Will you disclose it?
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
Part of the problem is how the term "cracker" gets defined. Do I know people who've cracked systems? Yep. Do I know people who've cracked systems they didn't own and didn't have permission to crack? Yep. Did these people always have solid ethical reasons for it? Yep. For instance, RMS has cracked systems several times, and each time with solid ethical reasons for it. I wouldn't call RMS a cracker.
But people who've done these things for less than ethical reasons? No, I haven't met one single person in the industry with that sort of background who's taken in any way seriously.
Admittedly, I don't know the entire backgrounds of every single person I've met. But all the reputable people I've met have been unanimous in this opinion: if in the past someone's decided to disregard all social law and ethical concerns, there's absolutely no reason to suspect that they're now walking the straight and narrow.
The security field runs on integrity. If you don't have integrity, you've got absolutely nothing. Anyone who hires a security geek whose integrity is blemished is making critical gambles with their essential infrastructure.
>Thanks for a thoughtful and intelligent comment. It's refreshing.
:-)
Always happy to provide, and I can see your position on this.
Glad to see you're not the book-burning type, rather quite the opposite.
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
The main problem is that feminism has become synonymous with "gender feminism". The idea that men and women are identical in everything except anatomy is pretty fundamentally flawed, and is an unfortunate side-product of blank-slatist thinking. Which leads to thoughtless man-bashing a la Steinem.
Ita erat quando hic adveni.
And you've already racked up more karma than I've gotten in 3 years of lurking with the occasional post.
I have found there are just two ways to go.
It all comes down to livin' fast or dyin' slow. -REK, Jr.
She's a butch, man-hating dyke.
Then you didn't read it very carefully.
First, I'll confess that the only reason I decided to read the Slashdot comments (which, frankly, are an incredible waste of time) was the entertainment value in reading all of the stupid/clueless "Dude, she's a babe!" / "Nah, she's not a babe, but she's do-able" nonsense. I don't know why I get such a kick out of that. Maybe because stupidity really, truly IS funny. I think it's even funnier that she is serving you guys for lunch.
I grok her as one of the extremely rare people who not only has a very high IQ and thinks for zirself, but has also been able to shed the shame-based human-sexuality baggage with which most of us are saddled.
This is a person who has my utmost respect and admiration. This is the kind of person I like to have in my social circle. Unfortunately, they are all too rare. Fortunately, I have found a few. Very few. Unfortunately, the world is still full of clueless morons who reduce us to a one-dimensional target of shame-based name-calling because they just don't have the IQ to think in any other terms.
Oh well. Her geographic area isn't exactly an intellectual backwater. It's not very likely that her social circle leaves her feeling intellectually deprived.
Eat your hearts out.
In times of universal deceit, telling the truth gets you modded -1 Troll
This really shouldn't be modded down so far. It is unfortuanatly true. Women in a technicall field will have a higher chance of being promoted, to a point of course, because too many feel the need to give the apperence of being an open, politically correct environment.
Its too bad too, it only hurts everyone, anyone sees a woman bing promoted and its always assumed its only because shes a woman or she earned it on her back, and on the other hand it gives fuel to the argument that all men are pigs.
It would be nice if abilty was the only qualifying factor, but I dont see that happening any time soon.
"I use a Mac because I'm just better than you are."
wow, so words are in fact defined by the dictionary, rather than the speech community that uses them? Wow, your magnificant insights are going to revolutionize the field of linguistics...
Real stupidity beats artificial intelligence every time.
-- Terry Pratchett, Hogfather
How do you know about my poetry? And who said I am not rich?
Wait a minute, is that some kind of a joke? Quite a distasteful one if so...
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
So what does a man who believes in equal rights call himself then? The feminist tag is problematic in itself, as it creates a divide between the genders rather than uniting all people (male, female, transgender) who believe in equal rights regardless of gender.
Oh god, she's fucking hideous. Damn I need glasses.
Day 2 will be Attrion.org creator, Jericho
Jeriho was at Attrition. Muge was at l0pt.
wow, so words are in fact defined by the dictionary, rather than the speech community that uses them?
The problem here is that there are in fact two communities using these terms: there are the professional cybergeek types, who actually know something about the field, and there are the unwashed masses of the general public, who are blissfully ignorant. The Geeks distinguish between hacking and cracking; the great unwashed, however, could care less about the subtle-or-not distinction, and use one term for both.
The term "hacker" started out in the computer community a LONG time back-- I recall reading history pieces that date the term to the 60s. It predates the Google USENET archive, anyway. However, the semantic distinction between hacker and cracker within the Geek community clearly does not predate that great repository of asbestos suppositories.
The earliest post archived at Google using both the terms "hacker" and "cracker" was on September 15, 1983. This was apparently in response to a news piece on CBS news on roughly Wednesday the 14th, although there is evidence of at least something being earlier. While I do not remember the CBS news piece, it was most likely prompted by a Hollywood turkey released around then.
When the news media presented this little petri-dish culture to the great Unwashed, they made one mistake. They heard, "someone who breaks into systems is a hacker", and reported "a hacker is someone who breaks into systems". It's a category error fallacy, or perhaps a definition fallacy, but who expects logical thought from a reporter?
Anyway, my point is: the hacker community did not make a clear semantic distinction of "cracking" until after the term "hacking" was exposed to the public, and that at the time "hacking" was still a correct term describing the activity, albeit one that included many other different activities as well.
//Information does not want to be free; it wants to breed.