Slashdot Mirror
Interview with a Spampire
Bunch2 writes "In this article at OReillynet, a 'hacker' explains why he put his superior coding skills to use by writing a spam mailer called Fahrenheit. (Hint: $$$) Turns out his little creation is also being used by criminals to 'phish' bank account information from gullible folks. The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'"
The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'
My thoughts are that coders can become morally challenged when you examine what we're up against today. We are up against shady corporations who lack the motivation to really give us our fair due.
Obviously I don't support the notion of the dark side. I don't have to because I'm employed by a good company who respects me and treats me right. But I wouldn't even support the dark side if I was dead broke. It's a trap that some people fall into, like the numbskull interviewed.
Coders who lack the necessary financial or social rewards in their lives sometimes choose the dark side of the force.
Coders are often the last to be told the way a system needs to be, perhaps a week before the system is due, and yet they should be the first to know. Coders are often looked at with disdain from management because of FUD. I'm really glad the company I work for respects me, but good companies are not the standard today; my company is a lone gem in an disheartening desert of coal. Sure there are other gems out there, but who knows whether a company is a gem unless you have worked there for a little while?
Luck really is the only thing that determines whether programmers/designers get to work for a gem. Bad companies are good at snowing you during HR selection processes. For example, I went on a job interview to a well known video game company on the west coast of Canada. They told me the job was for 55-60k for level design. I was elated. My wife was elated. We hoped that I could get the job. But we also discussed that I should be watching out for bad practices in the company before we uprooted and moved to the other side of Canada. When I was flown out to meet with this company, they immediately asked me if I would take 40k instead of their original bait. I told the HR guy that I was interviewing his company too, because I was trying to feel out if their company was a fit for me or not, and that his company had lost a huge chunk of trust by shaving off a potential 20k from the starting salary they had quoted to me during the two month preselection process. Yes the company can decide what to hire you for, but this really seemed like a bait and switch to me. You know I bet they do that all the time and I bet every single level designer falls for it, until they get laid off after the project they were hired to complete goes gold. It's a cheap trick and likely the start of a very unpleasant relationship so I threw the interview. I didn't get the job, and I didn't want it. Many companies are like that -- sneaky.
The standard is a company that is in it for profit, and allows the egos of management to dictate system design and project management. If managements were forced to delegate systems design to those who will be responsible for doing the actual work, we would have better systems and far fewer coders would choose the dark side.
Some of these dark side of the force programmers are fed up with managements and they have lost faith. So all ye who own companies that hire us, please prove them wrong.
The dangers of knowledge trigger emotional distress in human beings.
If your passion revolves around software and the jobs have dried up, and you have to make a living somehow... you're going to do what you have to.
Sure, selling spamware is unethical. But if it's that or starving to death...
*shrug*
this google search and look at the adsense ads..
then clickem! pay per click right?
google makes money, spam for profit companies lose money, and, well, why not?
every day http://en.wikipedia.org/wiki/Special:Random
18yo Florida kid sounds a lot like the description of me, before I went to college. Any computer job is hard to fill in FL, and this kid chose the wrong alternative.
So many job offers require 3 years of experience, that it's no wonder he couldn't find a job. Unfortunatly, he didn't choose going to school to get this experience.
Obviously, he didn't have a job because his skills didn't stand out, and his grades probably didn't either.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
It's arrogance that makes these 133t h4x0rz use their 'mad programming skillz' for detrimental purposes.
Humility inspires people to use their talent for good.
the sad thing is, this kid is 18...
in 10 years when the market is better, his code will still be looked down upon because of things like this. at my last two positions i was told part of the reason I was hired was because of my positive google check.
Personally i havent had any problems paying rent in this economy with an honest job and hard work, it happens in nearly all lines of work where there are tough times. just stick it out, keep yourself honest, and you may be better off in the future, this guy has pretty much sealed his fate to a future of gray market applications
#include sig.h
Yknow if he can write an app to send spams with threading an rotating subjects and all this crap, why couldnt he write a decent CMS, or a groupware system?? see spamming is quick and easy is why. spamming is the dark side.
as long as there is email as we know it now there will be spam, because its too easy to be anonymous. I think we need to give up email en-masse and move to something more effective and secure. something more akin to how gmail works, but not using email for transmission. like a individual message board with IP verification.
might be pie-in-the-sky, but i just hate email...it just doesnt work...time to euthanize it and move on....
sometimes, i wonder if i'm the only conservative on teh intarweb. ah well, back to mah hogs and warmongerin'....
Is sending spam illegal? I thought it was legal under US law for political and non-commercial reasons, as well as commercial, assuming it complies with CAN-SPAM.
"Because of outsourcing [of software and system administration jobs], it's one of the only ways a hacker can make money," says Kittridge.
Okay, let's get a few things straight here. No offense, but you are 18. You haven't been in the "job market", and I hope to god you've been doing well in school. I imagine you've gotten great grades.
That said: have you looked at college? They aren't going to judge you as much there, and you can most likely go. You can also meet some really cool people your age and work with a lot of bright professors.
Don't get me wrong, I've done my fair share of "black hat" activity, most of which I keep quiet about now, but 15 to 18 is when you're allowed to do exactly that. Now is your chance to really shine and excel in information security classes at a university.
You can still hang out with some of your old IRC friends. I did till I was about 23. Then you realize you quit actually being interested in the same hacks and you start to think that all the new "kids" don't really know what they are doing. Then you start overusing the term "script kiddie".
Don't get me wrong, a lot of people erroneously call younger (and often brighter) hackers "script kiddies" simply because you might develop and use tools that require no thought. What you don't know is they were all using tutorials and very few of them actually coded their own exploits as well. In essence, the stuff they complain about you doing is stuff they would have done at the same age.
But that doesn't mean that you're heading in the right direction. Getting caught at age 15 is stupid. What is worse is the fact you are still in "the biz". I would highly suggest moving on with your life and applying outside of just a few places where you lead with, "I'm a hacker" for an interview.
The only reason why people aren't hiring you is because you still revel in your actions.
If you read the article, it's clear this kid has crossed the line.
Actually, I'm a little surprised you would say such a thing. It's *far* from clear. What line did he cross?
He wrote DDoS code. That's it. He was raided by the FBI for source code. You cannot tell me in one breath that source code is free speech and then say that the FBI was justified for the raid.
He wrote spam software. Big deal. I wrote spam software for my employer, only I'm supposedly using it for "legitimate purposes" because my employer is a public institution. Give me a break!
Maybe we can't catch and prosecute the phishers overseas, but we can catch and prosecute the punks helping them out from the U.S.
For what, releasing source code? I fear the world you expect me to live in. You cannot say that the people who implement a law punishing this kid for his source code aren't going to simply turn around and likewise punish developers of DVD decoding software. Or worse, creators of tools like nmap, tcpdump, and more.
Why? Because if there is anything that History 101 should have taught you, it's that it's the nature of the government to gain, and the people to lose. Security over liberty. Protection over rights. I'm sorry, I'd rather live in a world where my biggest fear is a Windows virus than a world where coding in "that hacker OS *nix" is forbidden save for those "authorized" to do so.
Funny. He doesn't seem to enjoy spam either. Here's how he lists his bugtraq e-mail: bkittridge_at_cfl.rr.com
Why wouldn't he just write:
bkittridge@cfl.rr.com
First, the argument that source code in an of itself is free speech is a steaming pile of crap.
I'm a coder and contributor to open source software. But I don't think anything you write is in an of itself protected free speech.
If I create a 100 page document revealing nuclear secrets and instructions for successfully bringing down a US airliner, is that free speech?
If I create a list of fellow students I intend to kill on Monday, is that free speech?
If I write (and distribute) a program with the express intent of DDoS'ing websites (which is illegal), is that free speech?
If I write (and distribute) a program with the express intent of illegally using zombied machines (which is against federal law) is that free speech?
That is very different than just writing "spam software".
He knowingly crossed the line from free speech to criminal activity (more than once) and needs to be held accountable for that.
Lose Weight and Feel Great with Isagenix
I am a very moral person with a strict code of ethics... that can be purchased for a price when working, spam, porn, light treason, it's all the same. Thankfully I haven't had to sell myself in such a way yet.
Sometimes, you have to make a decision with no options you like.
Some time ago, I was asked to build an adult website. I would have usually just refused. But, this was a very hard decision to make. At that time, money was very tight, and the client asking this of me was one of my very best.
I accepted the project after discussing things with my wife and children. I did a good job with it, and thankfully, things improved shortly afterwards so that I no longer have to do this.
When the choice includes providing for one's family, I can easily see how "morally challenged" becomes a reality. In some cases, the real challenge is: what's more immoral?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
But, I don't think it's the same kind as this guy.
Nifty little script. I keep it running 24/7, bombarding my favorite spammers. I was doing the same thing myself with a frameset, but this one is soooo much prettier!
I don't respond to AC's.
Everybody has their price...a code of ethics just makes your price higher.
If God had had a computer it would have taken him 7 months to create the earth...if he even bothered to do it at all.
Yeah, it's essentially a protection racket, but it still ought to be considered in the outsourcing cost equations. After all, outsourcing decisions are all about facing the cold, hard costs of doing business, and the cost (and marginal cost) of Spam is one of them.
//Information does not want to be free; it wants to breed.
"Morally challenged?" That's a load of sewage.
Depending on the law du jour, he may or may not be a criminal, per se, but he's a scum-sucking pig. A jackass. He's aiding and abetting thieves, extortionists and con artists. He's as guilty as a guy who helps plan an armed robbery and drives the getaway car.
He's a prime example of why we need to bring back three things to the justice system:
1) Public flogging
2) Public stocks
3) Restitution
And I speak as one who's been laid off twice in the computer industry and wondered for months how to feed my family. We survived, and I didn't have to compromise, pursue armed robbery, or aid and abet spammers and scammers to do it.
I'm in networking and administration. I got here via an athletic career (Track and field) and several jobs that had nothing to do with what I do now. I've done everything from shoe store management to construction to general labour.
Ultimately the "job" thing is whatever puts food on the table or helps yoru local community function (coo-op farming comes to mind).
My father started his career doing systems programming for the early generation IBM mainframes that ran the (Canadian) Bank of Montreal/Montreal Trust systems in the mid 1960's. He had a staff of 18 at one point, but barely made enough money to get a mortgage. He offered to quit unless he could get a raise matching the "private" sector offerings. Even with THAT salary he couldn't afford a mortgage, nor even qualify for one. Which is funny since he was essentially a "mortgage specialist" overseeing the punchcard systems and doing actuarial forensics when things got "lost".
To make this story short (hard to do), he quit afetr accepting a job aty a new bank. The new bank cancelled the job several days before he started and having just quit his prvious job he marched in to a Canada manpower office to see what was available there and then. By later that day he was tarring house foundations for almost as much as he made in his previous job. He was promoted very soon for offering to work for less with the expectation that he could learn from the master trades people. They gave him a raise and he began a 30+ year in the building trades...a job that has since taken him from the Arctic building early-warning radar installations to Brunei building housing complexes for big oil conttractors.
The lesson I'm projecting is the point where he was wearing a three piece suit applying for a construction labour job...remember that part. The 1930's weren't even that kind to people so be thankful that at the very least you could get a job at McDonald's to pay the rent if you had to.
Life is one big transition, and if this kid is good enough he'll stay in school, or work on something else and save for the day when he lucks into a good coding job or meets a connection that can find him an employer looking for his secific talents. Rueing the fact that he can only work for people who prey on others is a very weak argument. Someone else is spending their days and money trying to undo all that work he's enabled them to do
The only advice I can offer is good luck and happy adventures. My dad doesn't regret his career change one iota by the way.
Sometimes, you have to make a decision with no options you like.
Why does your website state:
"As a quick test of your skill, include a quick PHP script that will go to any website upon request, and extract any telephone numbers, US zip codes, and email addresses found."
Seems kinda like spam-like work to me.
Sig it.
He's only 18; surely a brilliant programmer but otherwise a naive kid. Also he can't spell, see the screenshots and config files in TFA.
Granted, any half-decent programmer can write code that mass emails a crap load of people. However, this guy also used proxies to cover his tracks as well statistical graphs and print outs of the program's success. His program is also multithreaded, which by no means is a simple programming concept. He definitely has a pretty good grasp of how write decent code. Additionally, I applaude the fact that he coded it in Unix - good tastes concerning the development platform!
However, its really one of the worst things he could have written. Its a shame he doesn't start / contribute to an opensource project. Moral of the story? He's a waste of talent. Also, why is he looking for a "hacker job" when he could just be a software engineer for a whole variety of companies?
"Recursive bipartite matching"- try it!
Comparing building a porn site with a spam designed program is like comparing a petty theft crime with grand theft auto crime.
No matter how much I may disagree with or not like the broadcast flag, part of my job is doing those tasks assigned to me, and should I be told to do so, I will. I may not like it or be happy doing it, but it is my job.
I totally agree with you. In fact, I just wrote a little essay about this (and other things about IT jobs)
Plug, plug: http://www.xanga.com/item.aspx?user=jrockway&tab=
My other car is first.
There is no inherent "good" or "evil". There is no all encompassing "right" or "wrong". There is no statement of truth that contains "is [not] ethical".
If society does not want a behavior to continue, it becomes a crime. It does not become unethical. It does not become wrong. It does not become evil. It is simply either legal or illegal.
He (the subject of the article) is not evil. He is not wrong. He is not unethical. He is either guilty or innocent of a crime. Discuss his guilt/innocense. Discuss whether it is/should [not] be a crime. Discussion concerning ethics, right, wrong, good, or evil is superfluous.
People need to stop turning every discussion into a religious war.
"A man talking sense to himself is no madder than a man talking nonsense not to himself."
I understand your argument but it is too "high horse" for me. I used to do things all day long at work I did not think were ethical (according to me and me alone; any similarity between my ethics and anyone else's is strictly coincidental).
I sold cars.
I sold cars that were worth about what we were asking for them; I made $200 per car I sold. Simple right? Well I had a lady come in who had 2 BK's on her record and $3K in her pocket. That is enough down on a low end Saturn that I knew the bank would finance her. I tried to sell her a $3K beater rather than the new car she wanted b/c I knew the interest would be brutal. In the end she bought the new car @ 22% APR for 72 months. If you do the math, she was royally screwed. I do not feel good about that, in fact I quit my job the following day.
The point of this is that if I was to fully follow my ethics I would have refused to sell her the car. If I had done that I would not have had dinner that night (literally). Thus the $cost$ of my morals that day was food. Killing someone (referenced earlier) is outside of my experience and as such I would refuse the job. Hacking something/someone is well within my work/life skill set and as such that skill is for sale. I have a reasonably good ethical code, but that does not mean I will under no circumstance bend or break it. Enough $$ and I would most certainly attack whatever system you want (some are out of bounds from a self preservation interest).
-nB
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
No need to be rude.
I hold to my arguement, that everybody has a price. It doesn't preclude the possibility that some people (your noble heros) have a price so high it's virtually impossible to pay it.
I respect people who won't be bought for what the world is offering, in fact I try to be one of them. But I have to wonder what would happen if "the world" upped it's offer?
Think about it: if somebody walked up to you on the street, and gave you $1mil and asked you to kill someone where would you draw the line?
Your arch-rival? Your boss? A bum? A random ordinary person? A celebrity? A friend? A loved one? Yourself? What if it was $10mil, or $100mil, or the Presidency of the US?
Thankfully, most people never have to put up with that kind of temptation, because I doubt many could resist. I say humans are generally good, because it isn't cost-effective (in a total life, not monetary sense) not to be. The probable cost of societal consequences of unaccepted behavior are higher than the possible gain minus the person's ethical price. The old saying crime doesn't pay is true...unless you have a low ethical price.
Call me a cynic, but I'd rather have a low expectation and be pleasantly surprised by good people than have a high one and be dissapointed with the bad people.
If God had had a computer it would have taken him 7 months to create the earth...if he even bothered to do it at all.
Sure you might die rather than live in disgrace, but would you make someone else die for your inflated sense of morality?
This 'Everyone has a price' line begs the point. It implies that everyone would, at some point, endure disgrace to achieve an end.
But the way I see it, not sacrificing myself and my being to save my Mom would be the disgrace. Refusing to spam and letting my Mom die would be the REAL disgrace. Becoming a spammer would be, to me, 'falling on my sword' to do that which is noble, namely, saving my Mom. Becoming a spammer to save only myself would, the way I see it, be disgraceful and I would sooner die. Seriously.
But the case in point of this 18-year-old, he sacrificed his honor for a very small price, and did indeed suffer disgrace. Doing what he did to save one's Mom would not be a disgrace.
Mod down people who tell people how to mod in their sigs
Think about it: if somebody walked up to you on the street, and gave you $1mil and asked you to kill someone where would you draw the line?
Your arch-rival? Your boss? A bum? A random ordinary person? A celebrity? A friend? A loved one? Yourself? What if it was $10mil, or $100mil, or the Presidency of the US?
First off, sorry I was rude. I was trying to be funny and conversational in an outrageous, stree-wise sort of way, and I ended up just being rude. I should have put a smiley after it, or better, just STFU myself.
To answer your question, it goes towards what is good. When Robert Pirsig said 'Good is a noun' I knew what he meant, and agreed. Quality in action and being is much MUCH more valuable than $100 million dollars, or whatever. That's what I'm talking about. Quality of person is a THING and very real and a posession, when you look at it differently, and not just an idea, and I would much rather be monitarily poor and of fine personal Quality than rich and a scumbag. Seriously.
Mod down people who tell people how to mod in their sigs
...for just about everything. Some horrible things, like killing people or hurting loved ones, are so high as to be functionally unreachable (nobody is going to pay me $250 billion tax free to leave my wife, for example).
Nobile and heroic are just moral deadweights put on the common man to keep him in line.