Slashdot Mirror
Hackers Not Afraid of Being Caught
An anonymous reader wrote in to point us to an interview with Honeynet Founder Lance Spitzner where he says "Years ago it was hackers who were doing it for the bragging rights, now it's the criminals. The motivation has changed, hacking is now profitable and there's so much money to be made with very little risk to the actual hackers."
Of course hacking is profitable -- the laws of supply and demand cover this as any service or product. The laws making hacking illegal only add more gold to the pot. For acts considered criminal, the value to the service provider will still meet what the market dictates. In this case, the chance of getting caught is low, so hacking might not be as profitable as selling pot, but it also depends on the demand. If hackers are making money, that means there is a demand for their service. If only a few hackers are willing to take the risk, a high demand and low supply of service providers means a high cost/profit. That's the nature of the free market.
Yet I don't think this profit will necessarily last forever -- even if laws change to make it easier to catch a hacker and even if the penalties are raised. The Internet is global, not local. With more third party countries gaining Internet access and more people willing to invest the time to learn to hack, I believe hackers will find their jobs outsourced as quickly as call centers and web developers have. So what?
The State will write laws to defend against hacking, but the reality is that the free market will provide better defense. There are laws against breaking and entering, but do they work? No, locks do. In situations where locks don't work, alarms work. In situations where alarms aren't enough, a Colt 45 used once usually fixes that situation. The law has almost no effect on crime other than raising the profit for those willing to take the risk. Hackers make a profit only means that anti-hackers have a new business opportunity -- and if you're good with security, you should make a windfall NOW before the law interferes with YOUR ability to secure your clients. Regulations against hacking might harm you more than they harm the "criminals."
Take advantage of this business opportunity today -- on either side of the "battle."
Hackers can think whatever they want. The real problem right now is that the governments of the countries they live in don't care and don't do anything about it. Perhaps that's understandable since many of those countries have enough non-tech issues to deal with already. But I think that if that's the case, they just shouldn't be allowed on the internet yet. There really needs to be a bar for entry. I can't tell you how many applications we get for people using stolen credit card numbers and coming from IPs in Africa, Indonesia, etc. Fortunately, we check applications by hand and weed those out. But many hosting companies probably just accept them and create accounts, opening their systems to escalated privlige attacks.
I'm surprised we haven't started seeing vigilantes tracking down hackers and spammers. When governments can't handle things, the mob takes over.
or just the gibson.
Being a hacker is not a punishable offense. If criminals are using so-called "hacker" skills in criminal pursuits, they're still criminals. Call them criminals.
I'd expect the OMG SCARY word "hacker" to be misused like this in Hollywood films and mainstream news, but not on Slashdot of all places.
Slashdot Burying Stories About Slashdot Media Owned
Angelina Jolie, a bunch of punky but fun misfits, and I used to hack into evil businesses and expose their secret schemes to steal from the poor and opress the common man. We'd use holographic GUIs and paint our laptops... kids these days... well they've just ruined it all.
I would say that criminal hackers (those that make A LOT of profit using their talents for the dark)are (and always were) a minory. Most of the so called "hackers" are just people of all ages like you and me, that are just having the internet as a playground.
It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
Hackers are the 21st Century equivalent of the mercenary. Pay them enough money and they will do what you want. As long as someone somewhere feels the need to crack a database or extract sensitive information from some business/person, there will hackers ready to answer the call. Crack down on them, and all you do is reduce their number, weeding out the weak ones, and leaving a highly competitive and lucrative market for the strong ones.
GetOuttaMySpace - The Anti-Social Network
I tried to become a hacker once, but I suck at reading the Matrix code.
This is my signature. There are many like it but this one is mine.
I still consider myself a hacker, however, have i broken any laws recently? No, i don't break laws for what i do. I still go by the old definition of a hacker as being somebody who muddles with something computerish to see how it works and what it can do (and how you can break it). Unfortunately, that movie did more damage than all the hackers that came before it. It made hacking OMG SO KOOL LOLZORS!!!!
Any tool can be used for bad, a needle used to vaccinate a baby can be used to shoot heroin, a puppy can be raised to be a killer, a knife can cut a steak or someone's neck. These are only tools, simply because a criminal uses computer tools, he's a hacker. Does every robber who uses a police issue hand gun get called a cop? Every axe murderer a lumberjack? Tools are tools.
Btw, never do anything on your computer that you don't want to show up on wall street journal, cause there's a remote chance it could.
...word is that several MAJOR adult sites got their membership(but not CC) databases compromised this weekend. 500k+ members on each site. I've seen the records, verified a login or two. Complete SQL dumps.
Honestly, freaked me the fuck out.
The lady(yes, lady) who did it still has access.
From what I've heard, of course.
The war for the meaning of the word "hacker", but come on now. If whatever you're doing is not for the satisfaction of the accomplishment, you're not really a hacker.
It's kind of like the distinction between a slut and a whore. Sluts do it because they enjoy it, whores do it for financial gain.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
When it comes to (criminal) hacking, or any other illegal activity, the smart perp will consider the risk-reward of his behavior. Unless the potential payoff of a crime is significant, it simply does not make good economic sense to do it.
Example: say you offer me $100,000 to commit a crime which may carry a 10-year prison term. To me, such an opportunity is not worth the risk. Even at a low-wage job, I can earn $20,000 a year, $200,000 in a decade. Why would I sacrafice $200,000 of earning power (minimum) for a potential $100,000, to say nothing of legal fees, destroyed reputation and the horror of pound-me-in-the-ass Federal prison?
Back in the day, when I was a minor and thought I was invincible, I occasionally slipped between the gray and black, and did a few things that were not exactly kosher. However, my motive was not money, but rather the thrill of "showing them how smart I was". Had I been thinking clearly, or been subject to adult-level criminal law enforcement, I would have stuck to the benign aspects of hacking.
That said, would I ever "hack" illegally again? Yes- but only on the condition that I left my potential prison sentance with enough cash to retire early.
barack to the future?
Well, amongst technical folk, I thought the term was cracker.
I would have looked it up on Wikipedia (perhaps even something clever like "Hacker Technical Controversy") but I've heard that this source is considered inherently unreliable by some. As a non-expert, I wasn't impressed and so I'm still none the wiser.
Time for cheese and crackers (here in the UK).
Several years ago we filed a case with the FBI over an issue where a spammer hacked into our system. We gathered logs and had details on exactly where they came from and where they were operating. In this case it was an American. We had overwhelming evidence of credit card fraud, hacking major networks, as well as computer tampering and lots of monetary damage and interruption of e-commerce. We did most of the work -- the FBI basically collected the information we provided and did little investigating of their own, and then presented the case to the attorney general in two separate jursidictions, at which point our case was blown off. No wonder the hacker/spammers aren't scared. The authorities are apathetic and unmotivated to prosecute people in these fields when they clearly break the law. The exception seems to be if you're a child who has annoyed a very large corporation.
I have a hacking permit.
"It ain't a war against drugs.it's a war against personal freedom" --Bill Hicks
It's more like the difference between flammable and inflammable. I sure learned that one the hard way.
Where were you when the voynix came?
Quite frankly, I don't understand why there is almost no active lobbying for harsh laws towards hacking. Just think about it - When launching an online server, be it an an application server , gaming or communication server , a hosting service or a website - what is your most major concern after the development is over(even if the development was done with it in mind )?
Security. The FEAR of getting your server hacked pretty much doubles the development cycle, and is around 70% of the patches and fixes issued after it is launched. It's retarded that not having enough security = invitation for being hacked. Sleeping with the windows (no pun intended) open and getting a "I walked around your house and took a shower, don't forget to close your windows tomorrow night" letter on the next morning in case of a white hat or "I stole your stereo and PS2, why the fuck you left the windows open" in case of a black hat, is how the internet works these days, and it needs a major fix.
My Starcraft 2 Blog
The tag ("duh") really drives the point home. Obviously those who are engaged in any illegal activity aren't afraid of getting caught. If they were, they wouldn't engage in the activity - or they're just plain stupid. Maybe instead of being "from the they-are-masters-of-disguises dept." this one should've been "from the stating-the-bleeding-obvious dept."
Insanity is a gradual process; don't rush it.
The motivation has changed... (sorry gerv, I couldn't resist)
There's a browser safer than Firefox, it is Firefox, with NoScript
And dentists. Not to mention teachers, bus drivers, auto mechanics, policemen and politicians. They're all not afraid of "being caught!"
Maybe they're not afraid because there is nothing illegal about being a hacker, or a dentist, or a cop. It's just that some hackers, and cops, and politicians do illegal things. That makes them criminals, not hackers.
I don't care why you're posting AC
I think I remember the P-P-P-Powerbook having that feature...
"Let's face it, it's a good story. Accuracy would kill it."
Welcome to the real world: words change meanings continuously. "Thing" once meant a council meeting (waay back in the norse times), now it mean, well, "thing". "Gay" once meant cheerful/happy, then it meant "homosexual", and now it's in the middle of becoming just "uncool". Etc.
That's how we ended up with so many languages. As a species we have a sort of a "Babel tower" mechanism built in. Get two communities isolated for long enough, and even starting from the same language you end up with two new languages or dialects. Each of the two changed words independently, and eventually you end up with the whole language of each not even resembling the language of the other. (Don't believe me? English and Greek both evolved from the same Indo-European roots.)
People hear some cool new word, or a new way to use an existing word, or some wisecrack and latch to it. And if it gets enough followers, there you go, you have a new word or a new meaning for a word.
Some cool kid uses, say, "twink" in a MMO once for someone buffed or equipped beyond the means of a normal player that level. Some people hear it, like it, and start using it too. Repeat a few iterations, and next thing you know it becomes the new primary meaning of that word in relation to MMOs.
And so it was with "hacker" too. Except this time it was also boosted by a whole generation of clueless journalists, who promptly bombarded everyone with their new meaning. Everyone has had it hammered into their heads that "hacker" doesn't mean the old-style "guy who really likes computers and doing amazingly hard/low-level stuff", but, yes, basically "high tech criminal".
As early as the end of the 90's I've had the surprise to hear even computer engineers using it that way. Yes, literally. I was for example at some training back then and the guy teaching goes, "anyone knows what a 'hacker' is?" Me: "Someone who really loves computers and programming?" Him: "Nope, a criminal breaking into other people's computers." Go figure.
So, way I figure it, we might as well let go. That battle is lost, and we don't even have the means to fight it. For every time you tell someone "no, no, no, 'hacker' was never supposed to mean 'criminal'", they'll promptly have a dozen TV show hosts, pseudo-tech journos, etc, hammering the opposite right back into them. That word is lost. By now it's not just "mis-used", it simply _is_ the new meaning of the word.
Give up, move on, find another one.
A polar bear is a cartesian bear after a coordinate transform.
Very little risk you say? What about this guy?
_ pass_h.html
http://blog.wired.com/27bstroke6/2006/11/boarding
"On a scale from 1 to 10, people are stupid"
I think everyone on Slashdot knows that if you NEEDED to make a few million dollars in a month your best bet is identity theft, sell a few people's houses and you're rich.
It's low risk, technically simple but you hurt a very specific person who you have to learn a lot about.
It's a bit scary how easy it would be to make money though identity theft.
But considering Slashdot's heavy Linux "Give back" ethical system and hoping it's somewhat indicitive of creative techies everywhere hopefully we'll find a solution before it gets out of hand.
Correction: Stupid Hackers Not Afraid Of Being Caught.
There is still a risk despite all the proxies,routing,SSH and secure encryption.A person underestimating risks is more likely to get caught.
This is pretty much exactly why I left the scene. 10 years ago I was writing articles for the zines. Friends and I were hacking and having fun on IRC. We did it because it was fun and exciting; a challenge. More and more though, I started noticing things changing fast. People were getting busted more often because they were getting lazier. The whole money thing definitely came into play on many occasions.
It's no fun anymore. Granted I am older now and program for a living, so I get to do my own hacking here legally. The scene itself though, imo, is way too dangerous to have fun in anymore or have any kind of involvement.
Yes and no. What "jihad" may mean in day to day usage is one thing, but what it means in the religious context of the Koran is an obligation of all good muslims to defend a fellow muslim against a non-muslim aggressor. By force of arms, if it's an armed aggression. Admittedly, it's still _not_ the "aggressive terrorism against western freedom and democracy" that western media mis-represents it as. But it's not quite the generic neutral word for "struggle" either.
Same, if you will, as "communion" may simply mean "association; fellowship" or "interchange or sharing of thoughts or emotions; intimate communication" in layman's speak, but it holds a very speciffic meaning in the context of the christian church. You may not eat the body and drink the blood of Christ when you just meet with a few pals, but when you're talking about "communion" in a church context, it wouldn't be a communion without those. Yes, technically it's still just derived from the layperson meaning, as in "communion with God", but nevertheless, it becomes a very specialized term with a very well defined meaning.
And so it is with "jihad" too. It's not just a random word picked on by the western media, but something with a very clearly defined meaning and requirements. It's practically jargon.
Again, admittedly, the western media did distort and mis-represent the word, making it sound like some aggressive nut-case crusade when actually the obligation is just one of mutual defense. That's a very big distortion of meanings and intentions there. In that, I do see the western media guilty of misinformation indeed.
But it's not just a fabricated buzzword, either. And there is some reason why it's translated as "violent struggle" too.
A polar bear is a cartesian bear after a coordinate transform.
"Years ago it was hackers who were doing it for the bragging rights, now it's the criminals."Aleph One's "Smashing The Stack For Fun And Profit" http://www.phrack.org/archives/49/P49-14 is already a decade old, and I guarantee that "hackers" were using PBXs, ROLM systems, CNA, etc for profit well before then.
It seems like folks ought to be checking The Jargon File http://catb.org/jargon to get their definitions of hacker and cracker straight. Or, if you don't like that, try Wikipedia's definitions of hacker http://en.wikipedia.org/wiki/Hacker and cracker http://en.wikipedia.org/wiki/Cracker_(computing). Hacking is not a crime. Cracking is a crime. Just because a few journalists and Slashdot readers are clueless doesn't change the meaning of the words. Those same clueless folks probably insisted (wrongly!) that the 21st century started in the year 2000.
Slashdot of all places should know the difference! A hacker writes code - he/she "hacks" - I "hack". The guys breaking into other peoples' computers are "Crackers" - as in breaking something.