Slashdot Mirror
Hackers: Under The Hood
jyre writes "ZDNet Australia has a special report that profiles and interviews five hackers over the next five days. Day 1: Raven Alder's page is up now (inludes photos). Day 2 will be Attrion.org creator, Jericho. Day 3: Adrian Lamo. Day 4: Kevin Mitnick and Day 5: L0phtCrack creator, Mudge."
I love attrion.org! It's the best way to start my day, opening the old browser and surfing on over to attrion! First on my list of things to do in the morning!
:)
Mods don't hurt me
Flying Jesus!
This is to be expected from a mainstream publication that intends to present "hacking" in a mainstream light. I say, read at your own risk.
dude, that's her first grade photo.
But are they going to define hacker? Are people going to see this as a bunch of articles about some scum who break into computers, or are they going to see a bunch of articles about people who have an intimate knowledge of computers? Either the meaning of the word hacker needs to change, or another word for the computer savvy needs to be found.
more high profile 'hackers' explaining their driving influences. Raven Alder bashing script kiddies and suggesting that users learn how to use their toys is a good way to start. I wouldn't argue for a second with a girl that is as cute as Bjork and could audit my security.
"Lame" - Galaxar
Mmmmm... L0pht password cracker. *urgh!* "Me use brute force!" *urgh!*
I'm actually surprised there have not been more television biographies on hackers. It seems A&E Biographies, Discovery Channel, Learning Channel etc. would want to tell these stories.
www.reeddavid.com
You like looking at the IE error page? Weirdo ;P
Everyone should know that it is ATTRITION.org, anyhow (and, at least, the link is correct).
Raven's my coworker. Quite techincally, she rocks. and oh, that tit size comment? ... (a direct quote)
"Fuck you ".
And yes, she's talking about You
da w00t. mtfnpy?
That's about the most perfect example of what she's talking about anybody could have come up with...
Yeah alright, they had a defacement archive back in the day, they're dried out now. What have they done since then and really what good was the defacement archive? All it really did was encourage defacements.
The other guys have either shown skill, or created something. And lets shut up about "cracker v.s hacker" BS. Hacking is a SKILL SET, you can define black hat, grey hat, white hat from there if you want. Just because someone breaks the law doesn't mean they aren't a good "hacker" and are suddenly a "cracker".
Also remember not all intruders are "dumb kiddies" there takes skill in a real intrusion even if you are using pre-canned exploits. There is a hacking mindset to getting into places. Its the same mindset used in writing unique code, among other things. Its not all dotslash. Thats like saying U.S Special Forces are 'kiddies' since all they do is a pull a trigger. Wrong.
So tired of these people ranting and raving about 'cracking'. Get your head out of your asses and get off the bandwagon.
If you aren't computer-ignorant. But the media are computer-ignorant, and are happy to stay that way.
A few years ago a major New Zealand ISP was "hacked" -- or so the media said. The biggest talkshow host of the time interviewed the alleged "h4x0r" live, and proclaimed him to be a "computer genius". We were all in deadly and imminent danger of being hacked by guys like him he said.
The "hacker" in question was a 13 year old whose friend's older brother worked for the ISP. The older brother had stupidly given his staff login and password to his kid brother, who had, naturally, shared it with his friend, the "genius hacker". This friend then logged in and deleted a bunch of hosted websites. Pretty frikken 1337, huh?
Take the little assholes out and beat them with wet towels, then make them parade naked through the streets. A fit punishment for such computer Uber-Gurus.
Hi. It's really nice to know that whatever I can do technically, that it's my cup size that really matters. I'm 28. I do backbone security, incident response, vulnerability assessment, and pen-testing. I work in varying capacities with Nessus, Snort, and the Open Source Vulnerability Database. And fuck you. http://www.oneeyedcrow.net/securitygeekfemme.html
If they were really oh so 1337, nobody would have ever heard of them, and they wouldn't be talking about their escapades either.
Si tacuisses philosophus mansisses. If you had kept quiet, you would have remained a philosopher.
At least they didn't regress to the "nice boots" comment you're likely to get at the local g0th club-
LosT
"We are the music makers, and we are the dreamers of dreams."
First, in the spirit of full disclosure: I know Raven. I know her well enough to be thoroughly impressed by her and her competency. By "thoroughly impressed" I mean "vaguely intimidated", too, and you know, that's not a bad thing to feel. Gives me an incentive to work that much harder. Competition is good.
Reading this thread so far has led me to dismay. What thread dominates? Something that's so crude that it ought to be beneath our dignity to respond, even to condemn it. A few people have jumped on the trolls, modding them down into oblivion or responding to them.
Here's a question: why? All it's doing is giving the trolls publicity. All it's doing is making people think that gender is an issue, because if it wasn't an issue, why would such a firestorm exist? If it wasn't an issue, why wouldn't the trolls just get modded into oblivion and go ignored, like the GNAA trolls?
If you want to make a statement, if you want to condemn the immature and third-grade behavior of the trolls, if you want to say "look, I for one welcome competent people and I don't give a damn what plumbing they've got", the best response is not to jump on the troll bandwagon and respond to them.
Mod them into oblivion, and let them be forgotten.
They are nothing. For nothing, let there be nothing.
If you want to make a statement, if you want to make a stand, if you want to say "look, I have no clue who this woman is, but frankly I'm appalled by some of the behavior here"... well, hey. Respond to this thread. Mod up responses in this thread. Let's take the publicity away from the trolls and put it to productive use. Let's see if we can't get a few dozen Slashdotters to make a positive stand instead of going around and giving the trolls what they want--furor.
It's really nice to know that whatever I can do technically, that it's my cup size that really matters.
You're getting shocked by immature comments on slashdot? Is this your first time here?by raven_alder (772810)
Oh...I guess it is.
P.S. Proud to be unfairly discriminating on the basis of userid, not cup size.
All feminists don't necessarily agree... just like "hacker" can have a whole bunch of different connotations, so can "feminist". And, like many other minority groups, we are often known by our extremists. I think that makes it all the more important for those of us who *aren't* extremists to use the term rather than abandon it.
For clarity's sake, I am a feminist in the "I believe in equal rights" way, not the "I believe in special treatment" way. I do not believe in or condone banning books. (Indeed, my car has a "Read banned books" sticker on it.) And you can see my take on feminism and porn, as relevant to your linked Foucaultian debate, right on my site. [grin] So, I suspect that we largely agree. Thanks for a thoughtful and intelligent comment. It's refreshing.
and available here
I noticed that in the article you gave some suggestions for what people should learn about.. I'm not nearly advanced enough to delve into any of that, though. I'm not as interested right now in security (just because I don't have the knowledge to approach it at the moment) but I am interested in learning more in general.
;) - perhaps because I'm much better with projects than tests, and the classes I took were centered mostly around tests. I'm still interested in learning more about programming and "how things work" in general, however.
I tried studying CS at my university and found it didn't interest me as much as it did when I studied it on my own (hence my becoming a sociology major
Do you have any suggestions for studying on my own? Would it be best to learn one programming language very well and then apply it to others, or is there a better approach? (One of the things I found frustrating in classes was learning a new language in every class I took, when I don't know any language well at all.) What advice can you give someone who would like to learn more, but doesn't do as well in a traditional CS/EECS/etc academic environment - books, good websites, anything? You also said that you were studying "an unrelated field," so I was curious as to how you went about learning more..
(Personally, I know little bits of C, C++, Python, Perl, and Java, but not enough to do anything significant in any of those.. I also have written a few little shell scripts that don't do much. Otherwise, I'm pretty clueless - but I'd really like to increase my knowledge.)
Thank you in advance to Raven and/or anyone else who gives me some advice.
Admittedly, my only experience working with her was spending three days on the same team as her during last year's capture-the-flag contest at defcon, but it was pretty clear that she's very good at what she does.
The kind of stuff she does is far above and beyond the sort of "easy pickings" you're imagining.
Don't project your own script-kiddyness onto people actually have skills.
Reading the article, I found absolutely nothing to indicate Raven's past is anything less than aboveboard. She has pretty much the same skillset I do (albeit she's better than me in a few areas). I came by my skillset via purely ethical means, so until and unless I get evidence otherwise, I'm going to assume the same holds true for how she got her skills.
Okay, so you don't want to specialize at the moment. Fair enough. I am assuming that your wanting to understand "how things work" is programming in general and not security programming/code audit?
In short, find something that you are interested in and take it apart. [grin] You don't necessarily have to follow a structured academic program to become proficient in a field, whether your intent is to make it your hobby or to make it your profession. My academic background is entirely not in CS, and though I have many friends in CS academia, what they do can be very different indeed from what I do day to day. I learned mostly by experimentation and research on things that I was interested in.
So, find something that you like. Look at the source code, if it's available. Try to figure out what does what. Change things around, and see if you can make it better. One of the best ways to learn for many people is by doing. If you don't know what needs doing, volunteer for a project that is already established and is looking for people. Open Source is so helpful this way -- it feeds your resume *and* helps the community.
My first programming language was Perl. I was told by many geeks that this was a bad choice -- it would give me bad habits if I ever wanted to move to a language with a more rigorous structure. They were right, but it was both a good and bad thing. When I started doing C, and in particular when I started poking at kernel code, I had a lot of extra learning to do. But Perl was still a good way for me to start, because when I started programming I wanted to do quick scripting, not kernel hacking, and the flexibility of Perl was great for me.
Far from my first time here, but the first time I bothered to get a login, yes. [grin] I knew someone was going to bust my chops for that.
And no, I wasn't shocked by the immature comments, but I gave the trolls one reply. Why? I'm not interested in an extensive flamewar, but a lot of women just shut up and look uncomfortable when stupid sexist bullshit happens. So, that was my token protest. I'm not intending on feeding them any more, and I doubt I changed any of their minds, but I probably made a few lurking women feel better.
Watch the film Gone In 60 Seconds, with Nicholas Cage. It actually deals with the analogy you raise here. On the one hand you have Memphis, a highly skilled car thief with a passion for cars. There are practically no cars that he can't steal, and he steals them because he just loves cars and driving them (during the timeframe of the film he is stealing them to save his kid brother).
:)
On the other hand you have your dumb car thief. In the actual film someone pulls a gun on the big black guy (character name escapes me) who is driving with the window open. He sums it up with the words 'Anyone can pull a gun on somebody' (after he takes out the wannabe carjacker).
Stealing cars is legally and morally wrong, in both of the situations above. It's just that at least Nick Cage put in the time and effort to steal something because it meant something to him. Transfer this analogy to the computer world - script kiddies versus 'skilled hackers'.
I wouldn't want someone to break into my house, but if i had the choice between coming home to find a window smashed, glass all over the floor,graffiti on the wall and all my stuff gone compared to finding the Chubb bolt has been surgically removed from the door and a note saying 'Thanks for the Ming Vase', there'd be at least a slither of admiration for the 'skilled criminal', even though I'd want him arrested and that at the end of the day he's still a thief. People who are good at what they do, whether it's for good or for evil, will always be more respected than the crude, lazy fuckers who try and copy them. A lot of people think of Hitler as a good leader (come on, he was), even though he committed such atrocities.
Note that I'm not actually disagreeing with you, in a perfect world we'd not have to choose the lesser of two evils
Mother, do you think they'll like this sig?
My wife and I were in Butler, PA about 2-3 years ago to consult a doctor. We arrived early, and decided to wander around a bit and grab a bite to eat.
So, we walked by a storefront with a sign on it that said "Attrition". I glanced in the windows, saw a bunch of hardware, and took a few more steps before I realized "Hey... I *know* who that is!" I went back and poped in with my daughter, just to say hi. Gist of the conversation:
What really registered with me was that here was a fairly well-known web site, being run out of Butler, of all places. No need to live in NY, LA, Chicago, Boston, or any of those other urban sprawls... just find a nice town, get yourself a net connection, and you're in business.
"Great men are not always wise: neither do the aged understand judgement." Job 32:9