Slashdot Mirror
Interview with a Spampire
Bunch2 writes "In this article at OReillynet, a 'hacker' explains why he put his superior coding skills to use by writing a spam mailer called Fahrenheit. (Hint: $$$) Turns out his little creation is also being used by criminals to 'phish' bank account information from gullible folks. The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'"
The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.
Surely this has been the case for millenia? Only the specifics have changed.
Not sure if it would work, but worth a try.
Please read my Canon EOS tech blog at http://www.everyothershot.com
The tool is legal, its what you do with it that counts. Exactly the same as P2P.
Is today the day we're supposed to gripe about the people who write tools? I thought that we're supposed to be backing the people who write programs like p2p clients that people use to do illegal things until Friday.
If I have been able to see further than others, it is because I bought a pair of binoculars.
The article shows how talented but morally challenged techies are becoming stooges of 'spammers, con artists, and other criminals.'
My thoughts are that coders can become morally challenged when you examine what we're up against today. We are up against shady corporations who lack the motivation to really give us our fair due.
Obviously I don't support the notion of the dark side. I don't have to because I'm employed by a good company who respects me and treats me right. But I wouldn't even support the dark side if I was dead broke. It's a trap that some people fall into, like the numbskull interviewed.
Coders who lack the necessary financial or social rewards in their lives sometimes choose the dark side of the force.
Coders are often the last to be told the way a system needs to be, perhaps a week before the system is due, and yet they should be the first to know. Coders are often looked at with disdain from management because of FUD. I'm really glad the company I work for respects me, but good companies are not the standard today; my company is a lone gem in an disheartening desert of coal. Sure there are other gems out there, but who knows whether a company is a gem unless you have worked there for a little while?
Luck really is the only thing that determines whether programmers/designers get to work for a gem. Bad companies are good at snowing you during HR selection processes. For example, I went on a job interview to a well known video game company on the west coast of Canada. They told me the job was for 55-60k for level design. I was elated. My wife was elated. We hoped that I could get the job. But we also discussed that I should be watching out for bad practices in the company before we uprooted and moved to the other side of Canada. When I was flown out to meet with this company, they immediately asked me if I would take 40k instead of their original bait. I told the HR guy that I was interviewing his company too, because I was trying to feel out if their company was a fit for me or not, and that his company had lost a huge chunk of trust by shaving off a potential 20k from the starting salary they had quoted to me during the two month preselection process. Yes the company can decide what to hire you for, but this really seemed like a bait and switch to me. You know I bet they do that all the time and I bet every single level designer falls for it, until they get laid off after the project they were hired to complete goes gold. It's a cheap trick and likely the start of a very unpleasant relationship so I threw the interview. I didn't get the job, and I didn't want it. Many companies are like that -- sneaky.
The standard is a company that is in it for profit, and allows the egos of management to dictate system design and project management. If managements were forced to delegate systems design to those who will be responsible for doing the actual work, we would have better systems and far fewer coders would choose the dark side.
Some of these dark side of the force programmers are fed up with managements and they have lost faith. So all ye who own companies that hire us, please prove them wrong.
The dangers of knowledge trigger emotional distress in human beings.
If your passion revolves around software and the jobs have dried up, and you have to make a living somehow... you're going to do what you have to.
Sure, selling spamware is unethical. But if it's that or starving to death...
*shrug*
Prontab.net - Porn for geeks. (nsfw)
If you read the article, it's clear this kid has crossed the line.
Let him share a cell with Martha for a while.
Maybe we can't catch and prosecute the phishers overseas, but we can catch and prosecute the punks helping them out from the U.S.
Lose Weight and Feel Great with Isagenix
But with computer programming jobs scarce, the eighteen-year-old Florida software whiz has joined the spam trade.
Aww.. the poor kid can't make any money any other way, so he has to resort to underhanded methods... hang on:
Kittridge said he created Fahrenheit, which runs on Unix-based computers, in early 2003. At the time, he was working as a system administrator for Evoclix
So he already had a job.
I might be going to extremes but he is basically saying:
"Ok so I can't find a girlfriend so I decided to rape one!"
If he is a so called "whiz kid" why can't he get a job? I thought brilliant people would actually find original ways to prove they are better when it comes to joining the workforce.
No, you suck. No, you suck. No, you suck.
My penguin ate my sig
When you see people in places like Venezuela registering "secure-usbank.com," it sorta makes you wonder whether there should be stricter controls over domain registration. People would probably be less likely to trust a domain if it didn't contain the name of their bank in it.
Of course, too much control would hurt people who have legitimate reasons for using a name, such as, perhaps, "usbank-sucks.com" or some other sort of personal-opinion type of thing.
And on the flip side, it sometimes feels like maybe there's already too much control from corporations in particular, who take things like mikerowesoft way too seriously.Still, there's a nagging thought in the back of my head that spammers in Venezuela should have a slightly more difficult time getting secure-usbank.com. Maybe US Bank should've taken a cue from Microsoft and more vigorously defended the use of their name online.
picpix image polls. create - share - vote. fun!
"Because of outsourcing [of software and system administration jobs], it's one of the only ways a hacker can make money," says Kittridge.
Really? Sounds like the same false argument shop lifters make when trying to say there isn't work for them. No, it is just easier to steal/write malicious code then get a real job. They can say his code is a work of art, but it is still easier than trying to work at a corporation or starting a legitimate business. This criminal needs to get off his ass and get a real job.
the sad thing is, this kid is 18...
in 10 years when the market is better, his code will still be looked down upon because of things like this. at my last two positions i was told part of the reason I was hired was because of my positive google check.
Personally i havent had any problems paying rent in this economy with an honest job and hard work, it happens in nearly all lines of work where there are tough times. just stick it out, keep yourself honest, and you may be better off in the future, this guy has pretty much sealed his fate to a future of gray market applications
#include sig.h
so, I can pimp out my kid? or else I'll starve?
so I can become a contract assasin?
Heroin dealer?
A lawyer?
every day http://en.wikipedia.org/wiki/Special:Random
The Army reading list
If your passion revolves around software and the jobs have dried up, and you have to make a living somehow... you're going to do what you have to.Ah, a person of questionable ethics.
Let's make this real clear for you: You are NOT entitled to work in your chosen field. Most of us do, because we fought hard to, but you are not guaranteed shit. If I had a passion for working with animals, but I couldn't get a job as a vet, do you think it'd be ok for me to go kill kittens and make money off of it? We do have an over population problem, after all.
Sure, selling spamware is unethical. But if it's that or starving to death...1. There are jobs to be had. Maybe not in your field, but there are jobs to be had.
2. When was the last time you heard of ANYBODY starving to death in the US?
Mod me down with all of your hatred and your journey towards the dark side will be complete!
And frankly, I'd eat a bullet before being a 31 year-old guy working at McDonald's
Yeah, I mean really, how terrible it must be to have health insurance, a steady paycheck, and to use the easiest cash register ever created?
Quite simply, you are a selfish greedy idiot.
You've got to remember that when a journalist / CEO / marketroid / your mom tells you that someone is a "computer whiz" that just means that they know more about computers than the speaker. It's a matter of any knowledge being greater that no knowledge.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
"Because of outsourcing [of software and system administration jobs], it's one of the only ways a hacker can make money," says Kittridge.
Okay, let's get a few things straight here. No offense, but you are 18. You haven't been in the "job market", and I hope to god you've been doing well in school. I imagine you've gotten great grades.
That said: have you looked at college? They aren't going to judge you as much there, and you can most likely go. You can also meet some really cool people your age and work with a lot of bright professors.
Don't get me wrong, I've done my fair share of "black hat" activity, most of which I keep quiet about now, but 15 to 18 is when you're allowed to do exactly that. Now is your chance to really shine and excel in information security classes at a university.
You can still hang out with some of your old IRC friends. I did till I was about 23. Then you realize you quit actually being interested in the same hacks and you start to think that all the new "kids" don't really know what they are doing. Then you start overusing the term "script kiddie".
Don't get me wrong, a lot of people erroneously call younger (and often brighter) hackers "script kiddies" simply because you might develop and use tools that require no thought. What you don't know is they were all using tutorials and very few of them actually coded their own exploits as well. In essence, the stuff they complain about you doing is stuff they would have done at the same age.
But that doesn't mean that you're heading in the right direction. Getting caught at age 15 is stupid. What is worse is the fact you are still in "the biz". I would highly suggest moving on with your life and applying outside of just a few places where you lead with, "I'm a hacker" for an interview.
The only reason why people aren't hiring you is because you still revel in your actions.
Sorry, you got that word wrong. It's not pronounced "HA-kurz", it's pronounced "LY-ing SO-sho-PA-thik THEEVZ". But no worries, it's an easy mistake to make.
Carousel is a lie!
Starving to death? Right-o. Perhaps if he's got the intelligence to write nice code, perhaps he may have the intelligence to think of a genuinely useful service/piece of software to sell. It might take more thought than being unethical.
Or perhaps in the meantime he can work for Ronnie's burger bar, or on a building site, or as a motorcycle courier - there are plenty of jobs around to take while you look for something better.
Oolite: Elite-like game. For Mac, Linux and Windows
Subject lines and to avoid sending the "phish" to any addresses containing the words admin, FBI, or abuse.
I wonder if you had an address like admin-fbi-abuse@somemailservice.com, how much less spam you'd get.
Worse than the comment's author are the moderators... Why do you folks want to blame everybody else except yourselves??? Get a grip! No, coders don't go bad because somebody pushed them into it. Some coders are just on the "evil" side because coders are people and some people are just "evil".
And all your tirade about hiring processes etc. That's just because "coders" let themselves be played. Most IT folks get no education about hiring practices and laws and rarely share information with each other. Example: You don't mention the company name, is it EA? Why the secrecy? Example: post an article here about NDAs and non-competes and read all the contradictory comments. Why do we IT folks have so many different views of legal documents? Did we all all our information from an "IANAL" friend instead of a formal course at college? Example: how many zillion comments do you see here complaining about managers not playing the programmer's way? Why not try to play the manager's game? Why not try to listen to the users, have meaningful dialogs with them?
But no matter what, "far fewer coders" would not "choose the dark side" (sheesh, how old are you moderators, 12?). "Coders" will do bad things just as often, whether or not they're trained properly and treated properly. That's just human nature!
So, since we are not holding anyone accountable for their actions, you won't mind if I hire myself out to run a hit on this guy, right? I mean I have to making a living somehow.
Sure, selling spamware is unethical. But if it's that or starving to death...
On to the serious side, no one needs to starve to death in this country. Between food shelters, welfare, and temporary jobs, it is easy to get enough food to stay alive. Furthermore, I have never been in a situation where I could not find a job. It may be a shitty job that pays crap but you can almost always find a job if you want to.
The problem with poverty in this country is not unemployment, but underemployment, and the large number of people that have not been able to advance themselves out of the subsistance level of employment. I do think that we need to do something about this, but I don't buy for one second that this kid had no other choice.
If you RTFA, you will see that long before he started selling spamware, he was under investigation by the feds for DOS attacks and other blackhat crap that had nothing to do with making money - he was just being an asshole. He was intelligent, and could have found a decent job, if he had bothered investing the time to build up some good experience. If he really loved programming/security he could have eventually found a job in it. And if is only concern was money, then there are plenty of other way to do that. It's not like has years and years in college wasted by moving to another sector. He choose to be a scum and make his living by harming others.
But, I don't think it's the same kind as this guy.
Nifty little script. I keep it running 24/7, bombarding my favorite spammers. I was doing the same thing myself with a frameset, but this one is soooo much prettier!
I don't respond to AC's.
Yeah, it's essentially a protection racket, but it still ought to be considered in the outsourcing cost equations. After all, outsourcing decisions are all about facing the cold, hard costs of doing business, and the cost (and marginal cost) of Spam is one of them.
//Information does not want to be free; it wants to breed.
"Morally challenged?" That's a load of sewage.
Depending on the law du jour, he may or may not be a criminal, per se, but he's a scum-sucking pig. A jackass. He's aiding and abetting thieves, extortionists and con artists. He's as guilty as a guy who helps plan an armed robbery and drives the getaway car.
He's a prime example of why we need to bring back three things to the justice system:
1) Public flogging
2) Public stocks
3) Restitution
And I speak as one who's been laid off twice in the computer industry and wondered for months how to feed my family. We survived, and I didn't have to compromise, pursue armed robbery, or aid and abet spammers and scammers to do it.
I'm in networking and administration. I got here via an athletic career (Track and field) and several jobs that had nothing to do with what I do now. I've done everything from shoe store management to construction to general labour.
Ultimately the "job" thing is whatever puts food on the table or helps yoru local community function (coo-op farming comes to mind).
My father started his career doing systems programming for the early generation IBM mainframes that ran the (Canadian) Bank of Montreal/Montreal Trust systems in the mid 1960's. He had a staff of 18 at one point, but barely made enough money to get a mortgage. He offered to quit unless he could get a raise matching the "private" sector offerings. Even with THAT salary he couldn't afford a mortgage, nor even qualify for one. Which is funny since he was essentially a "mortgage specialist" overseeing the punchcard systems and doing actuarial forensics when things got "lost".
To make this story short (hard to do), he quit afetr accepting a job aty a new bank. The new bank cancelled the job several days before he started and having just quit his prvious job he marched in to a Canada manpower office to see what was available there and then. By later that day he was tarring house foundations for almost as much as he made in his previous job. He was promoted very soon for offering to work for less with the expectation that he could learn from the master trades people. They gave him a raise and he began a 30+ year in the building trades...a job that has since taken him from the Arctic building early-warning radar installations to Brunei building housing complexes for big oil conttractors.
The lesson I'm projecting is the point where he was wearing a three piece suit applying for a construction labour job...remember that part. The 1930's weren't even that kind to people so be thankful that at the very least you could get a job at McDonald's to pay the rent if you had to.
Life is one big transition, and if this kid is good enough he'll stay in school, or work on something else and save for the day when he lucks into a good coding job or meets a connection that can find him an employer looking for his secific talents. Rueing the fact that he can only work for people who prey on others is a very weak argument. Someone else is spending their days and money trying to undo all that work he's enabled them to do
The only advice I can offer is good luck and happy adventures. My dad doesn't regret his career change one iota by the way.
His software was written specifically for spammers.
It has the capability to bounce messages through an open proxy.
It has the capability to take in a list of names and sort out the ones with "admin" "abuse" or "fbi" in them.
And, last of all, his program can be used by one person to annoy millions of innocent people.
A p2p program needs to be used by 2 consenting people. They might both be breaking the law, but that's something they have to both decide to do.
He wrote a program designed to send and conceal spam, knowing that it would be used to send and conceal spam and then he sold it to spammers who he knew would be using it to send and conceal spam.
The difference seems fairly obvious to me.
I've used bit torrent to download Knoppix images. Yet I don't believe that any of the people he sold his software to would be bouncing mail off of open relays for legitimate purposes.
Granted, any half-decent programmer can write code that mass emails a crap load of people. However, this guy also used proxies to cover his tracks as well statistical graphs and print outs of the program's success. His program is also multithreaded, which by no means is a simple programming concept. He definitely has a pretty good grasp of how write decent code. Additionally, I applaude the fact that he coded it in Unix - good tastes concerning the development platform!
However, its really one of the worst things he could have written. Its a shame he doesn't start / contribute to an opensource project. Moral of the story? He's a waste of talent. Also, why is he looking for a "hacker job" when he could just be a software engineer for a whole variety of companies?
"Recursive bipartite matching"- try it!
Bank tellers who feel they are being underpaid embezzle from Wells Fargo.
Athletes who know they'll get huge endorsement deals if they win will take performence-enhancing drugs to win.
Junior executives who want to advance up the corporate ladder will look the other way when their bosses employ crooked accounting methods.
IT people are no differen than anyone else. We all face difficulties in the workplace - boredom, underpayment, stress, extensive overtime, ignorant bosses, ignorant subordinates - you name it, most of us have experienced it whether we're techies or not. Moral challenges abound for us all.
The trend I've seen over the last two or three years is that techies are increasingly thinking of themselves as victims. Perhaps this is because the IT industry is maturing, and the jobs that were once seen as the exclusive domain of Big Brains are now seen as just another part of the Information Economy.
It's not an easy thing to confront, particularly if your ego is wrapped up in your job. But market forces, technical innovation, and other forces are making IT jobs in the United States less attractive for those individuals who for whatever reason are not in a position to start their own company or work as consultants.
Those IT folks who are willing to accept that getting ahead in this industry no longer is risk-free will be fine. But the days of wine and roses are over. IT is becoming a commodity. We hammer on the RIAA for failing to alter its business model in the face of technical and social changes, but what are we doing if we keep looking back to the glory days of the late 1990s, rather than preparing for the future?
Read the EFF's Fair Use FAQ
Some nerve.
semiquote: "All the jobs are outsourced to India so I have to to this to live."
I really don't care who I hurt as long as i can pay my rent.
Nice morals.
Where is my Metal Bat of Don't Do That Or I Will Beat You Again?
- Zav - Imagine a Beowulf cluster of insensitive clods...