Stupid Hacker Tricks - The Folly of Youth

N_burnsy points out an article in Computerworld which "profiles several youthful hackers, some still serving prison time, some free, who have been caught indulging in some fairly serious cybercrime, and looks at their crimes and the lessons they have (or have not yet) learned. Starting with Farid 'Diab10' Essebar, currently a guest of the Moroccan prison system, who wrote and distributed the Mytob, Rbot, and Zotob botnet Trojans. There's Ivan Maksakov, Alexander Petrov, and Denis Stepanov, all guests of the Russian penal system, sentenced to eight years at hard labor for creating a botnet to engage in DDoS (distributed denial-of-service) attacks to blackmail online gambling sites based in the UK, threatening to take the sites down during major sporting events. Then there's Shawn Nematbakhsh who was a little too eager to prove a point about the electronic balloting system that the University of California employed to hold student council elections, by writing a script that cast 800 votes for a fictitious candidate named American Ninja." Not everyone on the list is exactly youthful, and the range of offenses shows how lumpy this area is both to the law and in public perception.

Link without 5 pages of ads...

[muellerr1]

http://www.computerworld.com.au/index.php/id;193960399;fp;16;fpid;1;pf;1

Re:Link without 5 pages of ads...

[CogDissident]

Thanks, It was really annoying looking at that tiny sliver of a text-column, and the corresponding 5 pages that they made a relatively small article.

Re:Link without 5 pages of ads...

[Jarik_Tentsu]

I feel kinda inadequete. Back when I was a kid, I read some outdated article on DoSing, so decided to open 20 command prompt windows pinging a server over my dial up connection.

It didn't go down. =(

~Jarik

Re:Link without 5 pages of ads...

[TheLink]

On the bright side, you didn't go "down" either right?

Student elections?

[Nursie]

University student imprisoned for interfering in University council elections as a way to expose how bad the voting system is?

There is no justice in the world. That kid should have been given a fucking medal.

Re:Student elections?

[Nursie]

OK, I have now RTFA'd. He still should have been given a medal rather than a conviction.

Re:Student elections?

[chuckymonkey]

Mod parent up. He really didn't do much that was malicious, hell he even made up a fake candidate so that it would sway the election for a real candidate. All the guy did was prove that the system they payed so much money for was crap, but we can't have that now can we? It would displease our corporate overlords.

Re:Student elections?

[smittyoneeach]

Student election?
Blade/face bijection
Halt candidate/follicle
Ninja insurrection
Burma Shave

Re:Student elections?

[notaspy]

He did better than that; he was given a JOB!

Re:Student elections?

[Intron]

No - mod both you and OP down for posting without reading the article. He wasn't imprisoned. He had to pick up trash and pay costs. The system worked just about right.

Re:Student elections?

[cpricejones]

But really, who would not want a student council rep who could flip out and kill someone.

Re:Student elections?

[neomunk]

Yes, we should make those who point out the gaping holes in our society (which could very easily be used against us, and possibly already have) PAY!!! Humiliate them by the side of the road for the outlandish gall of trying to expose the truth, when it might inconvenience one of his upper-caste betters.

Re:Student elections?

[Intron]

You aren't looking at the big picture. Imagine what calamity would have ensued if American Ninja had been elected to Student Council. Slaughter at Homecoming. Beheadings at Pep Rallies. Eviscerations at the Winter Ball.

Re:Student elections?

[junglee_iitk]

Thanks for saying that.
Just shows that even moderators have not RTFA :)

Re:Student elections?

[Dannkape]

That kid should have been given a fucking medal. Which is why NOT giving him one, takes the attention away from Diebold buying said software for their next version.

Re:Student elections?

[BlueShirt]

I think there is a disconnect somewhere in how people think of these things. If someone breaks into a box of voting slips to show how easily it can be done, the person is punished for being a wise-ass because everybody knows how easy it is, really, to break into a voting box. The system actually runs on trust and the punishment is in place more or less as a token.

Somehow we are expecting electronic security to be better than paper security and social justice for electronic "escapades" (or smart-ass behavior) to be treated differently.

Re:Student elections?

[MrJSuppish]

If I recall correctly, the kid used those 800 votes by using other people's names, and by doing so, removed their ability to vote in the election. So, perhaps not the best way to go about it.

Re:Student elections?

[Rary]

All the guy did was prove that the system they payed so much money for was crap, but we can't have that now can we? It would displease our corporate overlords.

Yes, he was such a noble crusader....

"I really wasn't making any point at all," Nematbakhsh admits, debunking news reports to the contrary. "It was a senior prank, a silly thing."

Re:Student elections?

[langelgjm]

we should make those who point out the gaping holes in our society

Except that he explicitly says he was doing no such thing in TFA:

"I really wasn't making any point at all," Nematbakhsh admits, debunking news reports to the contrary. "It was a senior prank, a silly thing."

If he had really been interested in fixing the flaw, he could have brought it to the administration's attention in a much better way that would have avoided him having to do community service, and not screwed up the election.

Your point is still valid, though. When I was an undergrad, a friend of mine discovered that the primary key to the LDAP student/faculty directory was the same number that was encoded on our ID cards, the result being that we could create fake ID cards for anyone in the directory (and thus gain their building privileges, have access to the accounts linked to the card, etc.). He went to the administration with the information, and they reissued cards to the entire student body. Then, they proceeded to start a judicial investigation against him. Thankfully, nothing ever came of it, but it does show the tendency of institutions to punish those who are actually trying to help them.

Re:Student elections?

[whyloginwhysubscribe]

But what did he prove?

That it is possible to get caught for hacking ballot systems? Although he used a candidate that wasn't valid, they may have spotted a case of a genuine candidate getting a lot of votes. The article didn't go into any depth - e.g. did he use the same username / password etc?

I actually think that the punishment was just - it hasn't ruined his life and he's learned a valuable lesson.

By the way - I don't think it is that easy to break into ballot boxes is it? Certainly in the UK they are sealed. The main flaw in our system seems to be postal votes.

Re:Student elections?

[RiotingPacifist]

Well he wasnt imprisoned but i personally dont get why any of them were. The blackmailer maybe, but locking the guy up for scanning cisco routers for default passwords, hes no danger to society hes just wasting taxs by being locked up.

Its pathetic, save jail for people who are a threat to society not somebody who 'cracks' a router.

Re:Student elections?

[toleraen]

I wonder if the guy ever heard something like "If you say it was just a prank we won't send you to jail."

Re:Student elections?

[JCSoRocks]

The funny part is his own quote -

"Getting caught was kind of a wake-up call, that the Internet was not some kind of playground and I couldn't do what I wanted to all the time. I had to obey the law. The prank was not well received by a lot of people at the school." He acts as though what he did was actually traced back to him via the Internet... he didn't get busted as part of some kind of brilliant cyber-sleuthing... he got busted because he bragged about it and word got out. If you want to do that kind of thing you're better off keeping your mouth shut.

The whole thing is silly anyway... they're student elections. At a big school they're just a contest to see who has the most friends / friends of friends.

Re:Student elections?

[clodney]

You are saying that he couldn't have pointed out the gaping hole in any other way. Say, by sitting down with someone from the student newspaper and demonstrating the hole with one or two bogus votes?

That would be responsible. Thousands of votes is somewhere between stupid and vandalism. He even admitted it was nothing more than a prank, with no particular goal of exposing an insecure system.

Re:Student elections?

[hey!]

Except that he admitted he wasn't really making a point, even though if he had the point would be a good one. And if he had been making a point, the punishment would be reasonable.

The point of civil disobedience is not to avoid being caught. It is to be caught in a way that proves the system is corrupt. Punishment is critical to the effectiveness of civil disobedience as a strategy to change the world.

It's also critical for holding back the tide of unthinking self-righteousness in the world. If good intentions were an absolute defense, there would be no end to the crimes people would commit with complete assurance they are on the side of right.

Giving this guy a slap on the wrist is the right thing to do; it serves the purpose of having the rule without doing more damage than breaking the rule did. The rules are there for the guidance of the wise and the protection of fools. The wise might choose to accept punishment in service to a higher cause; the foolish shouldn't be punished more than is necessary to set them on the right track.

Re:Student elections?

[neomunk]

Your argument is well reasoned. I will consider your point of view, and may come back to comment if I have any thing to add. The only thing I'd like to add now (my time just became brief) is that I don't know if I trust the whole "just a prank" bit, as I can very easily see the authorities giving him a choice between prank (slap on the wrist) or political statement (threats of terrorism charges, put on airline watchlist, etc.).

That's an aside though, and your reasoning is strong even without that bit. I'll mull it over, and thanks.

Re:Student elections?

[neomunk]

I think some people, even when doing the right thing, like to do it with dramatic flair and style (American Ninja!?!). I guess that's frowned upon while pointing out maladministration, but remember it's highly encouraged in today's society as a whole.

Re:Student elections?

[neomunk]

I don't see the big practical difference in what you suggest and what he did. Now, if he had made HIMSELF (or any other real person, including real candidates) WIN the election in order to 'prove a point' or even 'commit a prank' then I would be just as vocal as anyone in screaming about this kid's level of stupid. He didn't though, he made it obvious, and thus did nothing that really undermines the election (except (false)confidence that shouldn't be there in the first place).

Re:Student elections?

[unsigned+integer]

But it would have been totally sweet.

Re:Student elections?

[Missing_dc]

Yelling out "I Rule!!" after news is released may not be the best strategy for anonimity.

Just ask Randy Millholland : http://www.superstupor.com/sust04282008.shtml

(shameless plug)
While you are at it, check out his normal comic strip, set aside a few day to go back to the beginning and read them all.
http://www.somethingpositive.net/

Re:Student elections?

[fugue]

Speaking of which, is anyone up for some good old-fashioned Diebold-gaming this election? Of course, in the spirit of vi vs. emacs, kde vs. gnome, etc., there would doubtless be some dispute as to whether to get a worthwhile president by writing in Kucinich, or really push the point home by electing Sauron...

Re:Student elections?

[metachimp]

Small schools, too.

Re:Student elections?

[Digi-John]

The blackmailer maybe, but locking the guy up for scanning cisco routers for default passwords, hes no danger to society hes just wasting taxs by being locked up.

If you find an unlocked door, are you in the habit of walking inside and lifting any credit cards or cash you find lying about? I mean, you totally shouldn't go to jail for THAT, you don't know how to pick a lock, you're no danger.

Re:Student elections?

[RiotingPacifist]

If you find an unlocked door, are you in the habit of walking inside and lifting any credit cards or cash you find lying about? I mean, you totally shouldn't go to jail for THAT, you don't know how to pick a lock, you're no danger In this country (UK), im fairly sure i wouldn't you have:
be a flight risk
be a danger to society
refuse to do other punishments
to waste taxes on your ass. But then again IANAL and this is just what a friend told me.
If your dumb enough to leave your door unlocked it doesnt make my actions legal but it does make them a lot less malicious, i mean if you find a $100 note in the street do you go to the station and hand it in?

Re:Student elections?

[Digi-John]

I'm going to reply to the only part of your post that makes any sense--the final sentence. Unlawful entry is a whole different ballgame than simply finding $100 on the street. One is trespassing with the intent to commit crime. The other is finding a relatively small amount of cash (difficult to find the original owner) in a public place.

Re:Student elections?

[RiotingPacifist]

sorry the 1st part is just stating of my countries IMHO sane laws (unfortunatly thier not followed all the time).
My point with the last section is where do you draw the line between locking somebody up and slapping them on the wrist.

I really dont thing that locking on to some server is that bad, give the kid a fine and get him to do some community service instead of locking him up where
1) He's costing you money
2) He's mixing with criminals

Re:Student elections?

[CorSci81]

or really push the point home by electing Sauron...

I'd rather not see another term of Dick Cheney in the White House, thanks.

Re:Student elections?

[kaizokuace]

"UCLA Student Council President American Ninja, single handed, slaughters USC* at pep rally."
*- this includes all students on campus.

Re:Student elections?

[operagost]

The VP does not live in the White House. KTHX

Re:Student elections?

[Some_Llama]

"You aren't looking at the big picture. Imagine what calamity would have ensued if American Ninja had been elected to Student Council. Slaughter at Homecoming. Beheadings at Pep Rallies. Eviscerations at the Winter Ball."

I think you forget that the head of student council was a pirate. Problem solved.

Re:Student elections?

[Anonymous+Psychopath]

Rigging an election? Now that's Real Ultimate Power!!!

Re:Student elections?

[PitaBred]

What about the people who may have done that, and DIDN'T get caught? Someone just picking and choosing a few people who they knew weren't going to vote and hacking their "vote" to go to someone they wanted to be elected?

So what if he used other people's names? The whole election was rife with possibility for fraud to begin with, and this only brought that to light.

Re:Student elections?

[d0hboy]

I felt that neomunk's response (above) is one of the most mature I've read on slashdot in awhile. Most other responses to an argument end up as personal attacks, regardless of whether it was reasonable or not.

Re:Student elections?

[WNight]

Who cares? He proved the system was crap, whatever his motives.

What did he damage? The election was obviously untrustworthy so spoiling it didn't hurt anyone. Anyone legit should welcome an insecure election being demonstrated to be that way.

Re:Student elections?

[WNight]

Once the election is shown to be rigged you have to do it over again anyways.

Re:Student elections?

[kainino]

Except that he explicitly says he was doing no such thing in TFA:

"I really wasn't making any point at all," Nematbakhsh admits, debunking news reports to the contrary. "It was a senior prank, a silly thing."

I'm willing to bet that he did that because he figured it would lighten his sentence (as sibling poster noted). It could very well have worked, too.

If he had really been interested in fixing the flaw, he could have brought it to the administration's attention in a much better way that would have avoided him having to do community service, and not screwed up the election.

No, and no. If he had brought it to the administration's attention they would probably simply try to suppress it because otherwise actual malicious people might figure it out and do something bad. And if the voting system was a simple largest-percentage voting system, adding 800 votes for another candidate would not affect who won the rest of the election, even if less than 800 other people had voted (in which case, of course, they'd have to ignore the obviously fake American Ninja and give the election to the second place winner).

Thankfully, nothing ever came of it, but it does show the tendency of institutions to punish those who are actually trying to help them.

Which just gives a great example of my above mentioned point. Except that getting everyone to re-vote (not that this is necessary) is not as easy as sending a bunch of new cards out.

Re:Student elections?

[kcbanner]

Wow you managed to get +5 on two posts made by yourself that contradicted each other. Kudos to you sir.

Re:Student elections?

[Rary]

He broke the law and cost the school thousands of dollars. Just because something good comes out of it doesn't change what he did.

Obligatory car analogy: "Thank you Mr. car thief for stealing my car. I wasn't aware it was so easy to steal it. Don't worry, you taught me a valuable lesson about using a club and installing an immobilizer, so I won't press charges."

Re:Student elections?

[WNight]

No, he didn't cost the school anything!

The election was ruined from the moment they started. He merely pointed out the error they had already made. If he hadn't pointed it out they may have failed to catch the error, but they'd have an invalid result.

If this guy had voted for a real candidate (not obviously fake) the students who were unable to vote would have been written off as having forgotten (or lied) about already voting, or isolated errors and incorrect passwords. His voting for a fictional candidate in large numbers was the only thing that would make the organization admit an error.

Anyone who sees something like this vote that has the appearance (and requirement) of security and anonymity but is not actually secure, has an obligation to let everyone else know. But if he'd brought the issue up in quietly (as in, able to be swept under the rug) he'd have still be charged with hacking and the school would have let the election continue.

If you want a car analogy, let's see... A student sees a broken brake cable on the school bus but the driver refuses to fix it. So the student slashes a tire on the bus to prevent it moving, weighing the small damage and lost time versus the risk of fatalities.

Re:Student elections?

[Rary]

No, he didn't cost the school anything!

Yes he did. If he had wanted to raise awareness of the problems with the system, all he had to do was report it. But he had no interest in raising awareness, he just wanted to play a silly prank. So he did, and he got caught. I have no sympathy for him.

Anyone who sees something like this vote that has the appearance (and requirement) of security and anonymity but is not actually secure, has an obligation to let everyone else know. But if he'd brought the issue up in quietly (as in, able to be swept under the rug) he'd have still be charged with hacking and the school would have let the election continue.

Um, can you explain to me how he could be "charged with hacking" if he hadn't actually done anything yet?

If you see a problem in a system, you report it to those responsible for that system. If they do nothing, you let everyone know about it (campus newspaper, for example).

But all of that is irrelevant because he wasn't trying to make anyone aware of anything, he was just playing a stupid prank.

Give it up. He's no freakin' hero. According to the article, even he agrees with me.

Re:Student elections?

[WNight]

No, he didn't cost the school anything! Yes he did. If he had wanted to raise awareness of the problems with the system, all he had to do was report it. No, you just keep getting this wrong. The vote was already fucked from the moment he *could* do something. It needed to be redone either way. The money was already spent - if they didn't plan on ignoring the warning.

There's a chance the votes were tampered with. It's not like they could patch a bug and keep on going. They had to pitch the whole thing and start fresh.

But all of that is irrelevant because he wasn't trying to make anyone aware of anything, he was just playing a stupid prank. So? Exposing a flawed election is helpful even if he didn't intend to be.

He's no freakin' hero. So? He accomplished something very useful anyways.

Um, can you explain to me how he could be "charged with hacking" if he hadn't actually done anything yet? You're living in the USA (presumably?) and asking me to explain how someone could be charged with or punished for something they didn't do? Wow.

Charged with whatever they can because the school is screaming about electronic terrorism, or merely sued and kicked out of school. Both have happened for less. Google for old Slashdot articles if you need examples.

Re:Student elections?

[Rary]

This discussion is getting old and going nowhere. I'll just say this: If you murder someone in a hospital by exploiting a previously unknown flaw in a life support system, even though you've revealed a flaw that needs to be addressed, you still committed murder and should be charged.

The case under discussion is obviously much less extreme, but the point remains that if you play a stupid prank, you should expect to be punished.

In fact, the guy in the article fully expected to be punished. He knew he was doing something wrong, even if you don't.

Re:Student elections?

[WNight]

If you murder someone in a hospital by exploiting a previously unknown flaw in a life support system, even though you've revealed a flaw that needs to be addressed, you still committed murder and should be charged. I'll fix that for you. You forgot the election was already dead.

"If you stick a knife into a corpse in the hospital, in the process of proving a murder was committed, you may be charged with molesting a corpse, not murder, but you probably shouldn't be charged anyways."

No extra harm was caused. In fact, his minor vandalism prevented a cover-up that would likely have happened.

He was doing something wrong, minor tampering that should have either had no effect or taken minutes to fix, if the system worked. Yes, it was a crime. So is spray-painting the underside of a bridge. But not a very large one.

How much 'wrong' could a guy really be doing by voting for 'American Ninja'? Was that his pseudonym? Was he poised to take control of the valuable ... student body presidentship...? Not even. It was just a prank - "Hey look everyone, American Ninja is more popular than any of the real candidates. Haha". OMG! Alert the authorities, that's some major evil there!

And then they make him pay for the election, as if he ruined it. He *might have* ruined it, if it hadn't already been ruined. But to say that he ruined it is a farce - if anything he brought some modicum of trust to future elections. But yeah, shoot the messenger.

Typo in TFA

[sm62704]

OK, if you're happy and carefree it no longer means you're gay unless you're homosexual, and hackers are now criminals who break into computers. Even the tech press is calling cyberglars* "hackers". Even slashdot, who should have striven to maintain the word that used to be a badge of honor back when nerds were being rediculed, uses "hacker" like the ignorant lusers do.

So what's the new word for someone who writes quick and dirty code that actualy runs, or changes a transistor radio into a guitar fuzzbox?

BTW, if you wrote TFA shame on you! the proper word is "script kiddie", cyberglar, cyber burglar, "computer criminal". Not "hacker" for God's sake. Just because Joe Sixpack thinks a "hacker" is a criminal and RAM is a brand of truck doesn't mean we should share in their ignorance.

"I used to be a gay hacker, now I'm only a happy nerd" :(

-mcgrew

*Yes, I just coined that word. So sue me.

Re:Typo in TFA

[oodaloop]

So what was the typo again? Not using the word you just made up?

If a hacker is someone who writes quick and dirty code, then the people described in the article would be a kind of hacker. Sorry you don't like being associated with them, but that's hardly a typo.

Re:Typo in TFA

[somersault]

So what's the new word for someone who writes quick and dirty code that actualy runs, or changes a transistor radio into a guitar fuzzbox? I vote we call them all "The One". Let's see them bastardise that!

Re:Typo in TFA

[contrapunctus]

Your really insightful comments are overshadowed by your "gay" comments.
I have mod points and I didn't know what to do. I thought I'd give advice instead of modding:
Stick to the point.

I know I'm off-topic.

Re:Typo in TFA

[JaredOfEuropa]

Even the tech press is calling cyberglars* "hackers". Even slashdot, who should have striven to maintain the word that used to be a badge of honor back when nerds were being rediculed, uses "hacker" like the ignorant lusers do.

In other words, pretty much everyone save a few die-hards refers to "crackers" as "hackers" now. That's how languages evolve; trying to go back to the original meaning of the word would be as pointless and futile as Hormel's attempt to disassociate the word Spam from unsollicited emails. Or, taking your example, as futile as trying to get "gay" to mean happy again.

Re:Typo in TFA

[neomunk]

You're at the wrong site. Judging by your sig, I'll recommend powerline blog(not linked in an effort to keep my soul clean).

GP is absolutely correct in his rant, and if he's guilty of ANYTHING it's bringing up something WE ALREADY ALL (should) KNOW.

If you think the GP is incorrect in his assertion that the word 'hacker' has been used out-of-context by a source that should know better, then you've reached a new level of fail on slashdot.

Personally, I'm offended by the constant creep of middle managers and other shitstains who think reading slashdot will help their careers somehow. It's evolved into news for nerds, comments by wannabe geeks. A mini-atrocity if you ask me.

Re:Typo in TFA

[neomunk]

This should be fun...

Let's do a quick headcount. "Who here is The One." *counts about 50,000 slashdotters before giving up*
That's alot of The One(s). Next we need to somehow semantically link "The One" with 'There can be only One" and munch popcorn as the epic geek-fight (with interesting gadgets!) ensues.

Good idea somersault, have some of my imaginary popcorn for your efforts.

Re:Typo in TFA

[oodaloop]

Oh, I'm so sorry you don't agree with my view of the world. That MUST mean I'm not a geek, and a shit-stain at that.

It's evolved into news for nerds
Well, that IS the tagline. Maybe YOU'RE the one on the wrong site.

Re:Typo in TFA

[Vellmont]

BTW, if you wrote TFA shame on you! the proper word is "script kiddie", cyberglar, cyber burglar, "computer criminal". Not "hacker" for God's sake.

I never understand this strange attachment people have to word definitions. Give it up, the word also means "computer criminal".

Just because Joe Sixpack thinks a "hacker" is a criminal and RAM is a brand of truck doesn't mean we should share in their ignorance.

This is the thing I also don't understand. "Joe Sixpack" is the guy defining the language, not people in Universities, or "experts". There's also plenty of the "break into computers", or "design an exploit" people that proudly call themselves hackers. Who gave you the only valid define the language card?

Language changes. If you don't like that, I suggest you go learn old english, and get all uppity about how nobody understands what you're saying.

Re:Typo in TFA

[Lemmy+Caution]

"Joe Sixpack" is not entirely the guy defining the language, not as long as people in universities and members of the upper-middle and upper classes get to exercise preferential treatment toward people who speak like them. If Joe Sixpack wants little Joey Sixpack to get into a good college and improve his status, he'll make sure that Joey lurns to tawk purty.

There are many institutional gatekeepers in this world, and we use the mastery of standard English as a basis for making distinctions about who gets to pass those gates.

Re:Typo in TFA

[somersault]

I hope it's butterscotch.. if only my imagination were as powerful as yours I could make it so!

There can only be one one - though one squared is still one, and 1 ^ 50,000 is still one, so I think we'll be okay, somehow. The geek fight is a good idea though. My weapon of choice is an Amiga A1000, maye with a 21" CRT for backup (only really good for when you're above your opponent of course)

Re:Typo in TFA

[Vellmont]

not as long as people in universities and members of the upper-middle and upper classes get to exercise preferential treatment toward people who speak like them.

Heh. This just kills me. If you really want to know who has the most control over language, it's the writers and people on television. Those people are sometimes the "upper classes" and sometimes the "joe sixpack". They're rarely a University instructor, or "expert" on the subject at hand. My point is simply to refute the idea that More Knowledge == Correct when it comes to language.

Re:Typo in TFA

[PRMan]

That was the point. Like it or not, people who used to be "gay" in a non-homosexual sense are no longer able to use that word that way. "Dick" was a common name when Batman and Robin came out in the 40s (and Dick Tracy), now nobody would call their child "Dick". Language changes whether we want it to or not.

"Hacker" has become something that benevolent hackers can no longer call themselves, no matter how we feel about it.

Re:Typo in TFA

[caluml]

if you're happy and carefree it no longer means you're gay unless you're homosexual And if you're homosexual, but unhappy, and with lots of worries? *

Hetero, and fairly content, btw.

Re:Typo in TFA

[tarrantm]

That's because you'd offend a whole buncha hicks by calling some geek doing illegal things a "cracker".

Re:Typo in TFA

"This little one isn't worth your trouble. Let me buy you a drink."

Re:Typo in TFA

[sm62704]

No, not "not using the word I just made up". Using "hacker" when they mean "criminal". You don't have to modify anything or write code to break into a computer system, there are already tools available.

A fellow named "Fydor" wrote a program named "nmap". You probably saw it running in that one Matrix movie. Fydor is a hacker. Someone using nmap to gain unauthorized acces to a computer system is just a criminal.

Re:Typo in TFA

[steelfood]

pretty much everyone ... refers to "crackers" as "hackers" now.

What does skin color have to do with technology?

Re:Typo in TFA

[sm62704]

I hope by "gay" you mean "happy and carefree". I referred only to the fact that a word was changed completely from its original meaning to somthing that has no resemblance whatever. The word "gay" was changed from "happy and carefree" to mean, ironically, a member of a group of people whom half of commit suicide, while "hacker" was similarly bastardized. The only difference is that "gay" was deliberately changed by a group with an agenda, while "hacker" was changed by witless ignorance.

As to gays themselves, what they do is none of my business. I wish all you guys would turn gay so I could have your women.

Re:Typo in TFA

[sm62704]

Hey, I like that! And we could call the lusers "zeros!"

On3s and zer0s. You have my vote!

Re:Typo in TFA

[oodaloop]

Using "hacker" when they mean "criminal". Dictionary.com provides the following definition of hacker:
1. a person or thing that hacks.
2. Slang. a person who engages in an activity without talent or skill: weekend hackers on the golf course.
3. Computer Slang.
a. a computer enthusiast.
b. a microcomputer user who attempts to gain unauthorized access to proprietary computer systems.

It seems both the author and editor used the word correctly, or at least how the rest of the English-speaking world outside of /. uses it. I'm sorry you don't like it, but that doesn't make it a typo. Granted, definitions 3a and 3b group those who break the law with computers and those who just like computers, but there are many words in English and other languages that similarly create confusion. Perhaps instead of trying to get the rest of the world to use a different word for def 3b, why don't you just start using a different word to decribe 3a?

Re:Typo in TFA

[neomunk]

You think not? Well I have 2 tesla coils, a homemade fusion neutron source, a couple sets of jumper cables and an odd array of sheet metal in a kinda-pretty fractal-ish arrangement all connected in a menacing-looking way that says maybe I -AM-.

That bit down there that looks like Darth Vader's colostomy bag? That's just to show that I've faced greater challenges than slashdot (and as a timing circuit in the teslas' discharge regulators. (that dude didn't need no stinkin' Metamucil, he 'went' like clockwork baby (cept when he saw ME coming... MUHAHAhahahaha))).

Re:Typo in TFA

[SanityInAnarchy]

Or the old, tried and true "cracker".

Re:Typo in TFA

now nobody would call their child "Dick".

I have a few friends named Dick, and I asked one if he would consider naming his son Dick, and he replied, "It is a character building name."

Re:Typo in TFA

[SanityInAnarchy]

The unfortunate thing is that it's a complete loss of a word.

"Gay" doesn't bother me so much, because it has synonyms. I can still call myself "happy", "merry", "gleeful", "cheerful", etc, depending which is appropriate.

"Hacker", or "hack", in the proper usage, really has no synonyms. "Codemonkey" doesn't fit, because hacking isn't limited to programming -- there are hardware hacks. "Modder" doesn't fit, because a hack can be an entirely original creation. And neither of those give the sense of slapdash/genius, mad science connotation that a hack is.

That is, I think, why we fight so hard against it -- there is no word we could replace "hacker" with in "just another perl hacker". But there are many words we could replace "hacker" with in the "breaks into systems" sense -- cracker, script kiddie, phreak, social engineer...

But it's not going to happen. I think I finally gave up correcting people when I saw a PBS show called "Cyberchase" -- the villain is "The Hacker", and is an absolutely stereotypical villain in every sense. Which means that kids are now growing up with the new definition of "hacker", and there's not really anything I can do about it.

Re:Typo in TFA

[Danny+Rathjens]

*Yes, I just coined that word. So sue me.

So I am unclear; are you for or against the evolution of language? ;)

Re:Typo in TFA

[sm62704]

Hell, I wouldn't mind if it was spelled "crhacker". But clearly we need a new word for what "hacker" was before the world's ignorants changed its meaning.

Re:Typo in TFA

[ca111a]

You are insisting on politically correct usage of the word "hacker"? How about the fact that some of them are criminals and hackers? Criminals because they were convicted. Still hackers, because they researched, explored, found flaws, etc. Does one lose the title of a hacker after being convicted? Besides, I don't see that much harm in what that student did with election.

Re:Typo in TFA

[BadMrMojo]

cyberglar

r0bbl3 r0bbl3

Re:Typo in TFA

[gnuman99]

People of Lesbos would disagree with your comments, sir!

http://news.bbc.co.uk/2/hi/europe/7376919.stm

Re:Typo in TFA

[sm62704]

I am for the intelligent evolution of language. I am against completely changing a word to its opposite meaning in less than a single generation for no reason whatever save ignorance or malice.

New words are needed all the time, and there is no reason not to use an obsolete word for a new purpose (we drive our cars, the word "drive" comes from back when we drove a team of horses). But using a perfectly useful word because of stupidity (hacker) or malice (gay) is illogical and unreasonable. If gaity had left the world and laughter was outlawed, then using "gay" to mean "homosexual" would be logical. But to change the meaning of a word that maent "happy and carefree" to "a member of a group, half of whom attempt suicide" is extrordinarily stupid IMO. Shit, they could have coined a new word, or used a foreign word, or used an obsolete English word. But now when a kid hears "Deck the Halls" he has to think that "Don we now our gay apparel" means cross dressing!

It goes against the very purpose of language, which is communication.

Re:Typo in TFA

[sm62704]

If he's a hacker (old school sense of the word) it doesn't matter whether or not he's a criminal. Criminality shouldn't enter into its use. If he writes a quick program to illegally gain access then he is indeed a hacker. If he uses Nmap without modification to crack a system he's a script kiddie (Yes, Trinity is a script kiddie, nowhere do we see her writing original code).

You are misusing the term "politically correct". "Hacker" meaning "cyberglar" (new word for the day) isn't politically incorrect, it's factually incorrect (or was before we allowed the definition to change). "Pro-life" is politically correct, but usually factually incorrect since most pro-lifers are, in fact, for the deat penalty as well as any war the government brainwashes them into believing is right. "Pro-choice" is also politically correct but factually incorrect, since few "pro-choicers" support the woman's right to inject heroin.

Re:Typo in TFA

[ca111a]

You are right, the article is wrong in its use of term "hacker" to mean "criminal". That is probably because the word itself sounds cool, whereas "script kiddie" sounds childish, "computer criminal" is too official and "cyberglar" is difficult to pronounce (and also uncool). And since the news sites care less how accurate the stories are (and care more about the ratings) - they use terms that will achieve that goal.

Re:Typo in TFA

[treeves]

Kind of like "A Boy Named Sue", huh?
Johnny Cash FTW.

Re:Typo in TFA

[greyhueofdoubt]

>>now nobody would call their child "Dick".

AFAIK, Dick is short for Richard. Plenty of people name their kids Richard. If Chuck finds some new vulgar meaning, it won't stop parents from naming their children Charles.

-b

Re:Typo in TFA

[bluefoxlucid]

Last man on Earth isn't all it's cracked up to be, trust me. I have never gotten a girl in bed; I've wanted to, gotten close, just innocent playing around, figuring I'll make a move later... and they're suddenly on top of me. I don't know WHY, I didn't do anything, they just put themselves there. It's tormenting having so many stable, nice girls that I've come to know well enough to know that's not how they normally behave just throw themselves at me like I'm their savior in Trojan armor.

Re:Typo in TFA

[bluefoxlucid]

I just call them assholes myself.

Re:Typo in TFA

[SanityInAnarchy]

Why should we have to change? It was our word first, damnit!

You're probably right, though...

Re:Typo in TFA

[sm62704]

"cyberglar" is difficult to pronounce (and also uncool)

It's not old enough to be cool. It was literally born yesterday.

Re:Typo in TFA

[sm62704]

I agree with you, but I've surrendered. There are more important windmills for me to tilt at.

Re:Typo in TFA

[sm62704]

nope.

Re:Typo in TFA

[sm62704]

They already know about it

Re:Oh boy...

[OneSmartFellow]

'American Pie' meme warning !

All I can say is

[CSMatt]

Watch that ass in prison.

"catch me if you can"

[circletimessquare]

that tom hanks/ leonardo decaprio movie about frank abagnale serves up the most useful point about guys like these:

1. convict them and put them in prison
2. take them out and convert their sentence into useful work for the federal government. if they f**k up, back in the hole they go

when some guy finds a chink in a voting system and exploits it, yes, he's done wrong, but he's also done society a service, no matter what his intentions were. this doesn't necessarily need to be rewarded, but it does need to be recognized as useful work in pursuit of a useful goal for society. these individuals, however morally and ethically flawed, still have use to society

what they need is supervision, like frank abegnale, and skills that previously went to petty vandalism and self-indulgence at the expense of society can instead be converted into useful work for society. these individual must be supervised, since their ability to form ethical and moral decisions has obviously been shown to be severely compromised, but you will note that frank abegnale today is currently very wealthy and quite the free man, and all of his current wealth accumulated through honest work. rehab is not only possible, but it is also profitable, for the individual who needs an ethical and moral correction, and society at large

Re:"catch me if you can"

[argent]

3. You've taken a job away from an honest man and given it to a crook.
4. The other half million blokes in prison still get to rot.

Perhaps it might make more sense to attack the problems in the prison system at a lower level?

Re:"catch me if you can"

[Jarjarthejedi]

3 - Perhaps. But you've also taken a job away from someone who may or may not be good enough and given it to someone who definitely is good enough. Two sides to every coin (and since I highly doubt the non-criminal would be getting the same kind of supervision you could argue that the job is brand new, for the criminal, and therefore you're not taking it away from anyone.) You could also use the job as a form of community service, paying them less but allowing them to stay out of jail on good behavior, which would mean no non-criminals had to lose anything.

4 - Indeed they do. Why shouldn't they? There are many people in prison who don't deserve to be in prison, but we're talking about people who do deserve to be in prison (for the most part) being given a chance to put their, unique, skills to use in a good way. If you could come up with a good and simple way to do that for, say, a drug dealer, or a murderer, then I'd support it (though none of that Starcraftian nonsense of 'Put all the murderers and violent criminals in giant suits of armor and make them your expendable army')

Re:"catch me if you can"

[Torvaun]

What honest man has that intimate of knowledge of how check fraud is done? There is no amount of studying that can make up for a complete lack of practice.

Re:"catch me if you can"

[holmedog]

Do you mean Frank Abagnale? Not to troll, it's just you didn't give any perspective on who he was. Frank Abagnale was a check fraudster who eventually went on to help counter forgery.

Re:"catch me if you can"

[holmedog]

Bah, forgot I said this. I just reread the comment and realized at the beginning you did spell it correctly. My bad for jumping the gun.

Re:"catch me if you can"

[Swampash]

Yes, but Frank Abagnale is now rich and successful BECAUSE of his life of crime, not in spite of it.

Re:"catch me if you can"

[sorak]

that tom hanks/ leonardo decaprio movie about frank abagnale serves up the most useful point about guys like these: 1. convict them and put them in prison 2. take them out and convert their sentence into useful work for the federal government. if they f**k up, back in the hole they go So he saw an issue in the voting system. He could have sold the election to the highest bidder, but instead, he demonstrated the flaw to everyone. His reward? We stick him in prison and use him for slave labor.

Re:"catch me if you can"

[Lumpy]

Every banker and financial person so they know what to look for.

Cripes you Should also know how counterfeiting is done so you can look to see if you are getting passed bad $20's and $100's.

Being an uneducated dork is not way to go through life.

Re:"catch me if you can"

[daigu]

I'm sorry, but government has no place converting people to "useful" work or "supervising" them. Further, government isn't ethical or moral. No organization is ethical or moral, because these are qualities of human beings - qualities that more frequently get subverted by government than they are by "petty vandalism" or "self-indulgence".

Example: How many teenagers would know the experience of killing someone if they weren't engaged in doing so for the military?

Thanks, but no thanks. I can do without that kind of "supervision" for myself and the society I live in.

Re:"catch me if you can"

[Goffee71]

Along similar (but fictitious lines) Read Terry Pratchett's Postal - where the evil genius villains get a chance to turn their lives around by sorting out failing businesses. Microsoft should have a hug-a-hacker month and let them fix its codebase.

Re:"catch me if you can"

[BruceCage]

Somewhat off-topic but since you referred to Frank Abagnale I thought it might be interesting to share this speech by him I stumbled upon a few weeks ago.

Re:"catch me if you can"

[Torvaun]

I'm sorry, my post didn't include the word "should". Yes, lots of people should know what to look for to catch check fraud or counterfeit money. My question was who -does- know, and the answer is the criminals for whom getting it right wasn't the difference between passing and failing a test, it was the difference between freedom and prison.

Re:"catch me if you can"

[kitgerrits]

Actually, a number of prominent hackers (yes, real Hackers), were made to do exactly that.
I seem to recall some Real Big Guys were forced to tour schools and tell the little kiddies that Hacking is Bad.

Re:"catch me if you can"

[argent]

What honest man has that intimate of knowledge of how check fraud is done?

The ones already doing the job of catching the crooks, for one.

Re:"catch me if you can"

[argent]

But you've also taken a job away from someone who may or may not be good enough and given it to someone who definitely is good enough.

That's a bold assertion, but is it true? Or have you taken a job from a competent guy who has been trying to get his boss to pay attention to a problem for several years and given it to someone who is less competent, but less ethical and more personable?

If you could come up with a good and simple way to do that for, say, a drug dealer, or a murderer, then I'd support it

Get rid of the war on drugs, and so reduce the number of drug dealers and murderers and free up resources that can be better spent on real crimes?

Re:"catch me if you can"

[argent]

Moist Lipwig is a character in a book, not a real person. Characters in books are frequently more charismatic, capable, and paradoxically honorable than the people they represent in real life.

Re:"catch me if you can"

[neverutterwhen]

And so we give jobs to the ones stupid enought to get caught?

Re:"catch me if you can"

[Torvaun]

Clearly not to all of them, just like how not every two bit burglar ends up at Masterlock. Abagnale was on the run for years, held a number of jobs that folks hold in the highest esteem as far as knowledge and ability are concerned, escaped from prison by posing as a prison inspector and walking out, escaped an FBI sting by asking for directions, and, personal chutzpah aside, invented a never-before seen method of check fraud. He may have been caught, but he's not stupid, and he's the right type of guy to give this kind of opportunity.

Re:Oh boy...

[TheVelvetFlamebait]

No-one who saw it thought it was folly. ;)

Wrong vote

[electricbern]

Shame on you Shawn Nematbakhsh, all respectable Slashdot-reading hackers know the fictitious candidate is always CowboyNeal.

Too much "CSI."

[Rob+T+Firefly]

You know the fourth or fifth minute of any CSI episode, just before the Who song and the opening titles, wherein the cops are looking over the corpse of the week and one of them smirks and says something completely snarky and graveyard-humor-y about the whole situation to their appreciative chortling colleagues?

This whole article is like that.

Pure genius

[hansraj]

From TFA:

Authorities were able to clearly identify Essebar as the author of the worm; not only had he signed it with the words "by Diabl0" buried in the source code, but he'd written the worm using Microsoft's Visual Studio, which embeds information about the computer on which the code is written into the compiled program -- in this case, the directory path "C:\Documents and Settings\Farid." D'oh! D'oh indeed!!

Re:Pure genius

[fbjon]

Why does VS do that? Did he forget to turn off debugging symbols or something?

Re:Pure genius

[Digi-John]

Visual Studio--well there's yer probl'm right thar!

Re:Pure genius

[__aailob1448]

Well, Farid is actually a common moroccan name. Thankfully, internet penetration in Morocco is low enough that the ISP was able to identify him easily among the 4 guys and a camel* that have a DSL line.

*The camel's internet service was cancelled for non-payment after the first month.

Security is a hollow game

[Bragador]

People and corporations want to create tools. They want to do this cheaply and quickly. Instead of putting more money to make the system perfect, they prefer to simply make sure it works.

If everyone accepts that systems can't be 100% secured and voluntarily refrain from abusing systems, no playful kid and no adult weirdo would go behind bars.

Instead of trying to punish everyone, we should try to educate and prevent crimes by focusing on humans and their lives isntead of focusing on the machines and their systems.

Re:Security is a hollow game

[mindstrm]

Launching DDOS attacks against a business on a projected multi-million dollar profit weekend and demanding $50,000 to "permit" the site to go back online is not an innocent hacker prank.

Re:Security is a hollow game

[Bragador]

You are right. And yet this crime has taken place because of what exactly? Prevention still has its place.

Also, I doubt most hacks are such high profil crimes so why should society pay for the unnatainable perfect security? So that a few very dangerous hackers have to take a bit more time to plan their crime? They will eventually succeed anyway. Security is an industry based on fears, not facts.

Re:Security is a hollow game

[Bragador]

Sadly, the same could be said about you. I invite you to read about crime psychology, the usefulness of prison vs reinsertion and about how a surveillance society isn't really better at stopping crime.

That's why whitehats are becoming rare

[Lonewolf666]

If even harmless hacks are illegal and may land you in jail, only serious criminals will take the risk (for serious potential money gains).
I think that is why there are less reports about benevolent hackers pointing out security flaws these days, but lots of reports about botnets for spamming and DDOS activities.

Re:That's why whitehats are becoming rare

[Lumpy]

The problem is with Computers, a prank and embezzling 90,000,000,000 dollars and killing 80 people get you the same sentence so ALL things done on the net need to be treated the same. The biggest problems I see are that everyone that did this stuff, including mitnick back in the day, did stupid newbie mistakes and that is how they got caught.
When you get cocky you get caught.

also....

  and the range of offenses shows how lumpy this area is both to the law and in public perception.

I am not sure how I got dragged into this conversation but I had nothing to do with it.

skiddies

[shokora]

Another article about some skiddies and irritating computer criminals. And they even get the title 'Hacker', it's absurd :( Plus convicting someone for showing that your voting system sucks, is retarded. He didn't even do anything malicious. Corporate whiners who can't handle their software sucks...

Re:skiddies

[neomunk]

I spent all my mod points before I got to this thread or you'd get an insightful. You've summed up the article beautifully.

Re:skiddies

[clichescreenname]

Here's a link to a post I just made
Shawn Nematbakhsh may not have done anything stupid, but he didn't do anything heroic, either

Re:skiddies

[clichescreenname]

I mean "malicious", not "stupid". He definitely did something stupid.

American Ninja?

[Thanshin]

"[...]a fictitious candidate named American Ninja." Take that! you ninja lover. American Pirate shall prevail over your fake 800 votes.

P.S. (on /. quote): "When you meet a master swordsman, show him your sword. When you meet a man who is not a poet, do not show him your poem. -- Rinzai, ninth century Zen master"

I wonder what would that Rinzai guy show to a sexual predator.

Re:American Ninja?

[s66iw]

I wonder what would that Rinzai guy show to a sexual predator.

His sword... what else?

Re:American Ninja?

[toppavak]

At my university, we had a student body president who, in order to draw attention to the farce that was our student government ran as "The Pirate Captain." So screw you ninja!

http://students.ncsu.edu/sgims/archive-85/p/the-pirate-captain-piavis-wjpiavis.html

Re:American Ninja?

[steelfood]

I wonder what would that Rinzai guy show to a sexual predator.

Chloroform.

Re:American Ninja?

[Digi-John]

My school's online elections typically end up with a lot of votes for a candidate with a very strangely spelled name... a capital B, followed by a varying number of = signs, followed by a capital D. Perhaps they're trying to preserve anonymity for this fellow? Whoever he is, Mister B====D tends to come in second or third for Student Government president.

Re:American Ninja?

[greyhueofdoubt]

>>I wonder what would that Rinzai guy show to a sexual predator.

A mustache?

-b

Re:Bah Hackers

[HikingStick]

"Cracker" is the distinction made only within the tech community. To the general populous, "hacker" is firmly entrenched and carries the same meaning.

If you really want to change that perception, plan to run full page ads in every major newspaper (because the people who misuse the term are less likely, imo, to get their news online) and launch a multi-million dollar TV campaign in every major market for a few years. Even then, you'll still be vexed by people who will use the old term, but having run the campaign, you'll be able to elevate your level of righteous indignation.

Then you might be able to start a new affinity group: Mankind for the Ethical Treatment of Hackers (METH).

Don't Blame Me

[lewp]

I voted for American Ninja.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Another one in the taxalotl tank

[dbIII]

Instead the taxpayer loses by having to pay to keep him and he loses even more by being imprisoned - the only winner is somebody whose conviciotn numbers have gone up by one more by locking up a prankster because that is easier than dealing with actual dangers to society. People should realise that their taxes would be lower or spent on something other than petty revenge without mismanagement such as this. Unfortunately hard line law and order gets votes while valuing the rule of law and thus not being injust takes more effort.

you don't understand the issues

[circletimessquare]

"3. You've taken a job away from an honest man and given it to a crook."

a crook can't steal a job from an honest man if the job in question doesn't exist. the crooks in question here are doing jobs no one else is doing. otherwise, their exploit wouldn't exist

"4. The other half million blokes in prison still get to rot."

yes, which is exactly what they deserve. robbing banks and raping women isn't very new or very interesting. discovering a technological exploit no one else is doing IS interesting and useful to society, however badly implented by the crook. thus, under supervision, they get free card out of prison to use their skills for good rather than for smarmy pranks or self-indulgence at the expense of society

Re:you don't understand the issues

[argent]

the crooks in question here are doing jobs no one else is doing.

Are they, or are the people who are doing the jobs not getting listened to?

discovering a technological exploit no one else is doing IS interesting and useful to society, however badly implented by the crook.

The crooks who I've dealt with have mostly been good at social engineering... getting listened to... not discovering technical holes. Just like a good chunk of the other half million nlokes in jail. Getting society to listen to the people who are pointing out the holes, often for years before the crooks decided to use them, is a better way to solve that problem.

Did not read the fine article

[dbIII]

The above was a bit too late at night and a rant plus a bad pun looking for a slightly different story.

One thing that really has hit me in the past however is the inappropriate almost military level responses to computer crime in several cases. For example, a few years back the DVD Jon raid involved an international paramilitary team to catch a single unarmed teenager.

Prepubecebt hackers

[wobbelyheadbob]

"just because you may not have reached puberty doesn't mean you can't be arrested and prosecuted for cybercrimes. It just means your parents might go to jail also/instead, or have to pay a huge fine, and then who's going to drive you to band practice or soccer games?" i imagine a 13 year old hacker looking more like this than a kid who plays soccer

Re:Prepubecebt hackers

[potat0man]

Sounds like some pretty sweet revenge for a vindictive kid who hates his parents.

Morris link shows they are right

[PalmKiller]

Morris was around 23 when he created his worm, and while he wasn't a teen, that was still a pretty young age.

Re:Morris link shows they are right

[TheLink]

Despite the Slashdot "summary" saying he is on the list, Robert Morris isn't even mentioned in the article.

Re:Morris link shows they are right

[PalmKiller]

OK, but I was referring to the summary using him as an example of a hacker that was not young, really had little to do with the article contents.

Re:Morris link shows they are right

[TheLink]

Yes you're right that the Slashdot summary is wrong in that way.

I was just pointing out the Slashdot summary was wrong in another way too ;).

May I be the first to say..

[bytesex]

Free Kevin !

Re:May I be the first to say..

[btarval]

Free Kevin!?! Where have you been? I hear that he's rather expensive these days.

Good ol High School

[Kaeles]

This reminds me of the time my high school told us that we were not allowed to do write in votes on the ballet for homecoming king and queen. The winners, strangely enough, turned out to be dave, and "billies nipples", getting about 1/3 of all the votes. It was too bad though, made us do a revote, and threatened to suspend people who made lewd comments on it again.

completely miss the point

[circletimessquare]

he was caught, rehabilitated, and then he earned his money honestly

yes, if he didn't pursue a life of crime, he wouldn't have a penny today. but that's only half the story

equally true: if he wasn't caught and rehabilitated, he would be living dishonestly off of his ill-gotten gains in a pension house in rio de janiero, or, more likely, be rotting in prison in france or somewhere else

OK, who here over 40 never did anything illegal?

[davidwr]

If you are over 45 and you never attempted to gain unauthorized access before you were 20, you either

* were not skilled enough to avoid being caught and you knew it
* had VERY good morals
* didn't have an opportunity

Before the mid-80s "casual" hacking was just as likely to get you a job as it was punishment. By the late '80s and '90s there were much better ways to prove you were good and too many people were misusing other's computer for purposes other than "because they could" or "because it was cool" or to save a few bucks on long distance phone calls.

Some fairly innocent

[mindstrm]

Some of these are fairly innocent hacker pranks.. the kinds of things you do because you can. Like stuffing votes for a fake candidate.

But those russian guys.. sure, they had a botnet.. but the DDoS extortion they did was straight-up extortion, and it had a huge price-tag on the online gambling industry. We aren't talking about a few 10's of thousands here.. they extorted a great deal of money out of the industry, and aside from that COST many companies a great deal in lost profits by shutting them down over key business days.

which is wrong

[circletimessquare]

and i'm showing how it is possible to salvage his "contribution". he did engage in smarmy vandalism of the process you know. that means he does deserve to be punished in one form of another. but not so severely of course, and not without recourse to salvage his skills for the good of society, rather than teenaged pranks

I've a few stupid hacker tricks of my own..

About a year ago I was playing a silly Flash game at a site belonging to Telstra, and after a few rounds got bored and fired up Wireshark to see how it logged the scores.

I found the URL it used to post the scores back to the content server and, in a flash of idiotic curiosity, changed my score to some huge number, requested the URL and checked the scoreboard.

It was quite thrilling to see my name at the top, with a score a hundred thousand points higher than the next person - then I realised I'd probably committed fraud, especially since there were prizes for the winners. I hurriedly emailed Telstra, apologised very humbly, and asked them to forgive me. When I checked the scoreboard a few days later, my score was gone, and I never heard from them.

Pretty amazing, considering they had my mobile phone number, email address, IP address AND a written confession.. there must be some nice people working at Telstra (or they couldn't be bothered following it up). Either way, I'm very, very grateful that they let it slide.

Re:I've a few stupid hacker tricks of my own..

[slimjim8094]

Eh, it was so obviously false, they'd never give you the prize anyways. Anybody apologizing for a stupid Internet game and getting sued or something for it would get tossed out on its ass

Judge: so what, just don't give him the prize and fix your stuff. Next!

Re:I've a few stupid hacker tricks of my own..

[bvankuik]

Nowadays, I try to use the phone more often. I get to choose whether to put it in writing or not.

Cue

[Swifti]

YEAAAAAAAAAH!

Where to start?

[sloth+jr]

How about in the editor-tagged rejoinder about rtm, who is nowhere discussed in the article? Robert MOORE, Timothy, not Morris. Moving on to the actual article (is anyone actually discussing this, or is it all about the usual hacker-vs-cracker meme?)

I found the article particularly annoying in its attempt to link the perps with animal torturers, its feeble pop-cultural references (Cavemen? from a Geico commercial?, and its breathlessly righteous neener-neener overall tone. Is it an Australian thing, that law-and-order is so delightful? If so - oh, the irony.

sloth jr

Shawn Nematbakhsh is a Douche-Bag.

[clichescreenname]

From the summary:

Then there's Shawn Nematbakhsh who was a little too eager to prove a point about the electronic balloting system that the University of California employed to hold student council elections, by writing a script that cast 800 votes for a fictitious candidate named American Ninja. This sounds like a man who I can respect. American Ninja is a stupid name (I would have gone with "George W. Bush"), but at least he was making a point, and putting his neck on the line for a good cause. In fact, had he not been mentioned in the summary, I probably wouldn't have read the article.

From the article:

Enter Shawn Nematbakhsh, computer science undergraduate at the University of California. Was he eager -- perhaps a bit too eager -- to make a point about the electronic balloting system that the university employed to hold student council elections, when he cast 800 votes for a fictitious candidate named American Ninja? Sadly, no.

"I really wasn't making any point at all," Nematbakhsh admits, debunking news reports to the contrary. "It was a senior prank, a silly thing." This makes me sad. I mean, here we had somebody who appeared to be fighting the good fight, when in reality he was just mind-fucking people.

Now, can you people please read TFA before submitting a story? I mean, is it really that hard? Really???

are you serious?

[circletimessquare]

or are you some sort of elaborate troll?

i can't conceive that you would actually think like that

"Example: How many teenagers would know the experience of killing someone if they weren't engaged in doing so for the military?"

uh, PLENTY, moron

ever hear of a gang?

do you live on this planet?

if you are just trolling me, i have chomped hard

please tell me you don't actually believe what you say:

"No organization is ethical or moral, because these are qualities of human beings - qualities that more frequently get subverted by government than they are by "petty vandalism" or "self-indulgence". "

it is malformed individuals who most frequently subvert moral and ethical behavior, not governmental organizations. really, fruitcake, that's the truth

in fact, within the context of a human organization, there is the further observation that any subversive activity is not actually being done in the name of that organization. on other wordsa, individual within that organization are just gaming the system for selfish goals, not working in the name of the system

such that criminal governmental workers aren't really acting in the name of the government, they are acting in the name of themselves, and can be expelled and punished and the governmental organization can continue with its stated mission

unfortunately, deluded fools such as yourself will then believe these criminal, expelled governmental representatives are the actual real face of the organization. when obviously they are not

in other words, you can hold a governmental entity accountable to clean up its mistakes. such that even though any human organization falls short of perfect performance, a human organizaiton that TRIES to be ethical, and is ethical most of the time, is far better than convincing yourself (falsely) that there are no ethics or morality at work in any governmental organization

this is just wrong of you. not theoretically wrong, but just observationally wrong. you don't seem to be able to adequately perceive the obvious reality of governmental work as it actually is. you must be operating under a heavy load of fud and propaganda to believe as you do

Re:are you serious?

[daigu]

The incidence of murder in the United States was 16,528 in 2005 of 5.5 per 100,000 inhabitants. As you can see from the charts, less that 1,000 of those have known connections to gangs. If we assume this is an average, we are talking about ~100,000 in a population of more than 300 million.

Contrast with conservative Iraqi war casualty estimates. We have 151,000 people dead and an estimated 9 out of 10 as a result of U.S. military combat operations or ~135,000 in a population of slightly more than 28 million.

it is malformed individuals who most frequently subvert moral and ethical behavior, not governmental organizations. really, fruitcake, that's the truth

Most instances of genocide, torture and a whole variety of other immoral behaviors happen directly because of government, and on a scale unthinkable to the individual.

in fact, within the context of a human organization, there is the further observation that any subversive activity is not actually being done in the name of that organization. on other wordsa, individual within that organization are just gaming the system for selfish goals, not working in the name of the system

It's all just a few "bad apples", right? Abu Gharib, School of the Americas, the many instances of genocide is just a few bad individuals and doesn't reveal something about how government encourages people to immoral behavior that would be unthinkable to most alone, right? I don't buy it.

People are ethical. Organizations are not ethical, and most organizations these days are designed to absolve people of personal responsibility. I was just following orders. I just did what the experts told me to do. I was just following the will of the people. No personal responsibility. No morality to it.

In any event, I find your post interesting. It's a rather knee-jerk reaction, peppered with lots of name calling - that frankly, I don't understand. I look at the fruit of government, and other large organizations such as big business, and while I can understand that they have benefits, I also understand that they have drawbacks - and one of those drawbacks is that organizations are not moral and that, by trying to short-circuit around personal responsibility - make it much more likely that people involved in it will do something immoral.

You can disagree, but it is observationally wrong - as you put it. Still, it is possible that you have made a mistake or even that I have (though you certainly haven't made a good case for it). I wouldn't rush to call you a moron because for one, I don't think you are - I regularly find your posts interesting. I just couldn't let this particular one go without comment.

Free Kevin Mitnick!

[Vectronic]

...oh wait... nevermind...

no

[circletimessquare]

it's my style, and i like it. i find it pisses off the kind of people who i want to piss off, who i'd rather not associate with in the first place

those who don't seem bothered by it usually also don't have a stick up their ass, their minds are more supple. brittle minds need the rigid formatting conformation to prop themselves up. the lack of formatting drives them nuts, simply because their minds are so feeble, not for any valid reason i should actually recognize and accomodate

so i've come to depend upon my lack of capitalization as a useful filter in chasing away minds i don't want to interact with anyway

I'm entirely capable of using the shift key at any time. I simply choose not to, consciously. And I never will use the shift key. Sorry.

go ahead and mod every comment of mine from here on out as "troll", i don't fucking care

this is who i am, i'm not changing for anyone, for any reason. deal with it or fuck off

Re:no

[Digi-John]

e.e. cummings is dead, and you are raping his corpse. What the hell is with twats who think, "I must do something different and obnoxious; people will pay attention to me and if they complain, I can just call them conformist sheep!"

You say brittle minds need rigid formatting conformation to prop themselves up, but aren't you being equally brittle with your dependence on another formatting convention--that of never touching the Sacred Shift Key? It doesn't make you special, it doesn't show what a unique and beautiful snowflake you are, it just shows the kind of attitude one expects from a 15-year-old with a Hot Topic wardrobe and a vague rage against the world.

Holy Hackers Batman!!!

[celtic_hackr]

You mean now I have to change my Nick, because of the clueless masses?

No thank you, I'll continue to call myself a hacker and continue to hack radio controlled cars into drinkbots, collect, demolish and reconstruct all manner of mad science electronics and yes, even hack my computers. What do I care what the ignorant masses think, and if they fear me, then so much the better. I've been hacking for nearly 40 years, and I'm not going to give up the word so easily.

And yes I tilt at Windmills.

I don't care if I wind up being the last White Hat Hacker, I will not go quietly into the Night.

There should be Rage at the dying of the Light. The meaning of words change when those who use them let them change. Perhaps the best we can hope for is a word with dual meanings, but we should not give up so easily. We should instill the true meaning into the next generation, only then will we be able to preserve and perhaps reverse the decline of the word. I've seen people using the word "ethical hacking" to refer to hacking opposed to cracking, so there is yet some hope.

Beatdown on 13-year-old hacker?

[Dmala]

Did anyone actually read the blog posts from the guy who put the "beatdown" on the 13-year-old hacker? Maybe I'm just too cynical, but it sounded like a bunch of hooey to me. The chat screenshots especially didn't ring true. A real story about putting a script kiddie in his place is at least mildly interesting, but a self-aggrandizing story of a fictional beatdown on fictional hackers (if that's what it is) is pathetic, at best.

i am being childish and petty, yes

[circletimessquare]

and my comment was laced with insults directed at you, while you made a polite request laced with compliments

i am entirely aware of all of that

one wonders why you think that matters

"If anything, you have only served to reduce yourself to the level of the so called 'feeble minds' you complain about by resulting to childish defensive name calling."

a feeble mind is a brittle, inflexible mind. asperger's type people. anal retentive. minds set in their ways, compulsively fixated on form, such as grammar, completely empty in the realm of function, the content of one's thoughts. these are minds that are often scrupulously correct on the small feeble pointless questions of grammar, but utterly empty in the realm of interesting mental content

it is of course possible to have good grammar, and interesting content. but i just simply don't care. it is more interesting for me to wage war with those fixated on the value of aesthetics over actual content. this war has absolutely nothing whatsoever to do with the agenda at hand, but it has evertyhing to do with my own personal agenda. which i hold in greater regard than the common agenda

so to the character failure of childishness you accuse me of, i add the following: arrogance. but either of these character failures on my part, the arrogance and the childish defensive name calling, is completely unlike the character failure of having a small shallow brittle mind

so i entirely own up to my character failures. i accept your charges against me, i validate them. and i have absolutely no interest in correcting them. i am however, fixated on pissing off feeble minds obsessed with shallow form over actual deeper content of one's thoughts

in short, thanks for the compliments. and in return, i say: good day asswipe ;-)

xoxoxoxoxox

well then

[circletimessquare]

allow me to short circuit your entire thesis with the following dumb as bricks obvious observations:

1. it is an absolutely inherent aspect of human nature to form organizations. you will never stop human beings from doing this, short of fundamentally altering human nature itself (thats scifi, btw, not reality). if you destroyed every government, religion, or other organization on the planet, new governments, religions and other organizations would spontaneously form to fill the vacuum. its completely unavoidable: you are dealing with a social, hierarchical primate

2. a human organization is, by nature of specialization, orders of magnitude more powerful than the sum of its parts, and additionally, many many orders of magnitude more powerful than the individual. no group of individuals (nevermind the ironic ddefinition "group of individuals") can possibly surmount that power. is it right? is it wrong? is it ethical? is it corrupt? doesn't matter. it exists, and it is powerful

in short: get used to what you hate. 1. its not going away. 2. its more powerful than the individual. work THROUGH organizations, reform them. destroying them is like cutting yyour arm off because you have a hangnail: stupid, and you don't understand the proper approach to the problem

some day im going to die. i dont like this fact, but i accept it and incorporate it into my worldview as an insurmoutable truth

organzations will always exist and will always be stronger than the individual. you can deny that obvious reality, or you can incorporate this insurmountable truth into your worldview, and therefore more effectively fight the abuses you hate, abuses you hate for good reason

i respect your heart. you are outraged at the crimes you see commited by government and organizations. and rightly so, and i share your outrage. however, although you have heart, you don't have the mind to go along with it, and so you are useless

marry your passion with a better understanding of the reality of what you are fighting, and thereby be actually effective in fighting it

perhaps you could organize a group of individuals to fight the crimes you see (i hope you get the joke)

oh, i forgot the name calling: good day, moron ;-)

xoxoxoxox

Re:well then

[daigu]

So, let's see. I presented an argument that basically stated that organizations are inherently amoral and if they are amoral, they cannot be a force to enculcate morality - as you suggest. Your rebuttal is that organizations exist - which really doesn't do much to shore up your argument for the government forming people like a clockwork orange. Not making much of an effort are you? But then again, insults are easier than actually defending your position from legitimate criticism.

i dont do it

[circletimessquare]

because i think it makes me special

i do it because of the kind of people i piss off by doing it

i don't think i am special or unique or notable

but i do think i annoy you (and i obviously do, by your post), and that is the source of pleasure which drives my behavior

because the kind of people i annoy by doing it, are the kind of brittle asshole i hate

so thanks for feeding me ;-) i am redoubled in my efforts ;-)

xoxoxoxoxox

Wrong Non-Youthful Perp

[Void_Ptr]

Robert Tappan Morris (Morris Worm author and computer science pioneer) != Robert Moore (Idiot Perp from the article).

it would be nice if criminals learned their lesson

[museumpeace]

...but it would be criminal if University of California did NOT learn a lesson from its brush with hacking.

then let me be brief:

[circletimessquare]

organizations exist

always have, always will

therefore, the solution to the abuses you (rightfully) see involves working through organizations, tweaking them, not working against them, destroying them

because you can never destroy them

do you understand that?

furthermore, no organization can be 100% ethical. all you can do is CONSTANTLY work with them to make them as ethical as possible

"I presented an argument that basically stated that organizations are inherently amoral and if they are amoral, they cannot be a force to enculcate morality - as you suggest."

let me be clear: organizations will never be 100% ethical. but with hard, constant work, by people with your heart, but a better mind, they can function at 70-90%

as for "I presented an argument that basically stated that organizations are inherently amoral" is such low iq teenaged nihilistic emo bullshit, it is beneath my ability to stomach the hand holding intellectual charity work to show you that you are wrong. you're wrong, you simply are. that i am not defending that statement is not because i don't have a defense for that statement, btu that i don't have the desire to engage in the intellectual chairty work required for you to understand the fucking obvious

but i'll throw you a bone:

http://www.msf.org/

so, figure it out yourself

or remain a useless emo retard ;-)

xoxoxoxoxoxoxox

Re:then let me be brief:

[daigu]

This is quite a different argument from your original. On one hand, you want the government arbitrarily shaping individual morality like a cloakwork orange. On the other, you want to pretend that individual people, working together, can move the clusterfuck that is any large organization into some approximation of ethical behavior.

Let me also toss you a bone, can you tell me the difference between Doctors Without Borders and the U.S. government - or say an organization like GE? One has a budget slightly higher than 100 million, chump change at the organizational level. The others are orders of magnitude bigger - which provides a hint at the law here about the larger the size the more influence and less likely we get toward your hypothetical 70-90% of ethical behavior or anything even remotely like ethical behavior.

Re:*sigh*

[argent]

what is interesting about that SPECIFIC example? frank abagnale made specific powerful technological innovations.

Pretend you're talking to someone who doesn't watch every pop movie that goes by on the idiot box, but who has (a) been involved in real life situations where someone supposedly came up with really clever new tricks but turned out to be just another script kiddy, and (b) has personally watched reporters (let alone people making docudramas) screw up fundamental facts like this.

Your mission, if you choose to accept it, is to (a) support your characterization of this fella, and (b) demonstrate that this kind of case is common enough to be used as the basis for policy.

a valuable social skill in life in ANY job is getting people to listen to you

The best way to do that is to cost them a lot of money (or threaten to) or earn them (or save them) a lot of money. The easiest way is to cost them a lot of money. Pity it's unethical.

A valuable skill in any manager's job is learning to listen to the people working for you. I've had the pleasant experience of having managers with that skill, and I've saved them a fair amount of money as a result.

a valuable social skill in life in ANY job is getting people to listen to you

Like, say, by taking the piss from people who think you're a twit for not bothering with ordinary punctuation?

(oh, didn't I mention, I didn't lose my job to a crooked ex-con... this isn't about me, you'll have to try harder to piss me off)

Ok so

[Sycraft-fu]

If I come and expose the gaping security holes in your house, you'll be ok with that? If you come home and find me milling around in your living room or rifling through your things, you won't get mad right? After all, I was just exposing the security holes, I didn't do any harm!

If you aren't ok with me going through your things without permission, I'd have to ask why you are ok with with breaking in to someone else's stuff. You can't have it both ways, if your stuff isn't fair game, why is their stuff fair game?

And please don't pretend like you have any serious home security. I'm quite sure you have a standard pin-tumbler lock like everyone else in the world. Not only is it trivial to pick, but I don't even need to do that. Since the blanks aren't controlled I just get a blank and make a bump key.

Re:Ok so

[neomunk]

Okay, now is it okay for me to explore the security holes in MY OWN house? Of course it is.

If you consider an election to be someone else's PROPERTY, then you are another brick in the wall sir, and will be torn down and tossed aside as your relevance becomes increasingly diminished.

so i see that you concede

[circletimessquare]

that organizations like msf can do good

now you babble on about how they aren't the big organizations

to borrow a phrase from you: "This is quite a different argument from your original."

just grow the fuck up already. take your heart, which is in the right place, and try to grow a fucking brain on top of it. because right now, your current set of operating assumptions about how the world you live in works is pure teenage crap

you'll get it someday

good luck kid

Re:so i see that you concede

[daigu]

The fact that there exist organizations that can do good, doesn't negate my original argument - which was directed at government. The fact that you are sloppy with your opponents arguments as you are with your own, isn't a reflection on those arguments. It's a reflection on you. Further, your crutch-like use of phrases like "teenage", "kid" or "emo" at every turn - adjectives that have either never described me or haven't been appropriate for decades - shows not only a need to work on your vocabulary but your underlying mentality that can't be bothered to deal with actual people or actual arguments.

you aren't a chronological teenager

[circletimessquare]

but you are most definitely a teenager ideologically

Re:the responses keep getting bigger

[argent]

i think i am pissing you off

Thanks. You made my point for me.