Slashdot Mirror
Tech Lessons From the Bad Guys
Chris Lindquist writes "Organized crime, porn peddlers, gambling sites — they all use technology to make a killing. CIO.com has posted several stories that spell out how the seedy side uses IT for profit. From the online techniques of penny stock scammers to innovation lessons from a pair of 'accidental pornographers,' to what you can do to fend off cybercriminals, find out what they do right when they're doing wrong."
Petty stock scams? Organized crime? Sure, I can see that as being 'wrong', though calling "organized crime" wrong is a tautology.
I, for one, do not believe peddling porn or hosting a gambling site are 'wrong'.
Sure, some porn is created in a manner that is harmful to the participants (such as taking advantage of drugged/underage/unwilling subjects). And some people cannot handle gambling -- and fixed games, or games where the players are misled as to their chances of winning, are wrong.
But to generalize that they are all bad? If they are, I don't want to be right.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
First and foremost, user stupidity works for them, not against them. And second, they don't care jack about any rules or regulations, since they're breaking the law already anyway, so why bother with privacy laws or possible damage claims when you're already scamming the stock market or doing a virtual bank robbery?
You cannot apply that "information" to legal businesses. Or at least, you definitly shouldn't.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Bad guys... Banks? Oil companies? Diamond mines? Televised church services? (There are plenty of IT-using "legit" businesses that display questionable moral values too.)
Quote:
I don't have vendors paying the freight to conferences at swank resorts to convince me to invest in something that's half-developed and overhyped. I never use jargon. I spend zero time doing PowerPoints.
Makes me wonder why these people are so much more smart than the average CIO that only knows how to "deploy" the latest crap that comes from that city in Washington.
Maybe because it's really their neck on the line, that's what I call responsibility.
how long until
I've been preaching that for years and the usual response was "you can't require people to study computer science before you allow them on the 'net".
All I want is people to take responsibility for their actions. When I hand my car keys to a person I don't know and he uses the car for ill, I get sued. When I let a stranger into my house and he knocks me out and robs everything in sight, my insurance would laugh at me. When you note your secret number on the back side of your ATM card, your bank won't cover the loss.
Just in the computer area, everyone's free to be as careless and irresponsible as he wants to be. It does NOT take a lot of brain power to know that offers that are too good to be true usually are. It doesn't require a lot of computer knowledge to NOT click on an attachment coming from someone identifying himself as "lawyer" (literally "lawyer", not some name). And it for sure does not require a lot of tech study to install some kind of antivirus tools.
Don't get me wrong. I would not require an average user to hack his windows box to tighten security to the maximum. But why is it still asking too much if I ask people to
- Use a router and disallow incoming syncs (most routers do that by default, so the "it's too technical" argument doesn't count).
- Enable Auto-Update on your Windows box (most Linux distributions can that now, too).
- Install some Anti-Virus tools
- Keep the brain turned on when opening mails and unknown software.
What's so problematic and impossible to do about this?
It's certainly not a 100% secure solution. Granted. But it is "good enough". Just like nobody requires you to have iron bars in front of your windows and steel bolts in your high security door, I wouldn't require people to have 100% "hack proof" boxes. There's no such thing as an unhackable box as soon as it has some kind of connection to another box that can be used by a malicious user (i.e. the standard setup for a box connected to the internet). But at the very least this would thwart almost 100% of the standard trojans currently in circulation.
What's so impossible about it?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
And, of course, using DRM is why they are lumped with the bad guys?
I find a high probability of bullshit in the idea that they decompiled some binary to fix an issue. While I know it's possible, I *REALLY* doubt that you could find and fix a decompiled code related issue and recompile to a point where it would work with any success.
I'm not sure if the article specifies the platform in question, but I've done exactly that a number of times with Java app servers, the decompiled code is quite readable. C/C++ of course would be a different story, but I'm sure it's possible (and in fact the rapidity with which copy-protection systems are broken suggests it's not _that_ hard).
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"