Slashdot Mirror
Hacker Generation Gap
zootsuite writes "Here is an Interesting Article on how the incredible growth of the hacker community has created a rift between young and old-school. References to l0pht and cDc. Quite a few of the old-school folks are going commercial now. "
Hard to buy a house, save for retirement, or get that cool new SUV without "going commercial."
Hacking is fun, but getting paid well to do it is even more fun.
OK.. once more again:
Linus is a hacker
L0pht is a lamer, i mean, a cracker
"HACKER: a person who works on computers and software code; this does not necessarily mean that such person works with, or against, computer security"
Just curious... what's your definition?
-D
dcross@cryogen.com
The article might be more convincing if the author
knew what he was talking about. He refers to
"phone-phreaking" as cracking a remote computer
over the phone lines. Not what it meant then, not
what it means now. Phone Phreaks just made long-
distance calls for the phun of it, taking
advantage of the international switch to tone
dialing that they could phake.
I know someone who's very good, and he has no money. But he's reluctant to approach a potential employer and describe his skills. He sees himself as being pretty far outside of the mainstream of society, far enough out to make crossing back difficult or even impossible.
Is he smart to be paranoid? Do people really approach these security firms and tell them that they know what they're doing because they've cracked into systems?
How do people establish credentials without incriminating themselves?
... Considering that's a Sun monitor and Type 5 keyboard, I doubt he's working at his 'PC'..
Gotta love the clueless retard media and their silly handwaving.. *THWAP*
...just don't go proprietary.
There is a blue box within the article which defines the differences between hackers and crackers.....and yet in the first few paragraphs they get it all wrong. Duh!
Phreaking NOT equal to 'hacking remote networks over the phone'. Phreaking IS equal to Hacking the PHONE network itself. Period. Making free phone calls. Period.
Although there is a destinction between the two generations (or 3) of hackers out there (I use the term loosely, don't start on me), this has partly to do with accessibility. In the 80's (I can't speak for the 70's, I was too young dammit), this wasn't something every bored kid could decide to do.
These days, a bored kid with half a brain can meet some buddies on the net, and based on who insults who the most, can go hack some site, do some warez (defined, to me anyway, as 'any software acquired without regard to the legality or morality of doing so. non-judjemental software distribution), etc, etc...
The old school way was to question technology, suspect things were simpler than they seemed, and go figure it out. (ie: original bank machine wire heists, phreakers - of course, they're hackers too, people who lied on their resume and didn't get caught... etc...
I see words like "boyz" and "toyz" written more often, should we accept this as correct?
Nor is "lite" a word at all, but it pops up everywhere. Should this be accepted as correct too?
This concept of accepting linguistic errors as "correct" came to a laughable pinnacle when the Oakland School District attempted to integrate "Ebonics" into the school cirriculum. What should the lesson be from this?
Uneducated verbiage is something that should be corrected, not simply accepted as correct, the result of which would be a "dumbening down" of society as a whole, which unfortunately, seems to be the trend as of late.
The job interview should in no way be the decide-all end-all to who gets the job. There are a lot of people in technical fields who are brilliant in their field, but crumble in an interview and look terrible, while the marginal interviewees who can slick through the interview process wind up with the job. If you're totally new to the workforce, offer to work for cheap or even free for a brief trail period. Nothing shows your skills better than actually showing your skills. By the time you get to the next job, you'll have work experience on your resume to carry you from then on.
It's really quite simple. If you're too stupid to think of any way to make money besides coding proprietary software, somehow I doubt you're bright enough to be coding in the first place...
- RF (dfelker@cnu.edu)
sheesh...them olden days was golden days...
- RF (dfelker@cnu.edu)
*CRACKERS* use the word hacker to describe themselves because they think it makes them sound 'l33t to their skr1pt k1dd1e friends on efnet. Hackers (the few that exist anymore...), hacking `fans', and other enlightened persons use the word to mean hacking, NOT cracking.
- RF (dfelker@cnu.edu)
As for compilers, GCC is handled by the FSF, and afaik most of the development is done on the inside. As I understand it, submitting code to FSF projects is not a simple matter, and any malicious code would be easily detected. Other compilers such as egcs might be vulnerable to such tricks, but what you fail to realize is this:
All competent maintainers read all patches submitted in their entirety. With Linux (the kernel, for those of you who think it's an os), you have many many people with nothing better to do sitting around reading every line of every kernel patch, so you're even more secure against malicious code.
I don't really see anything like this being an issue, except for cases in which the attacker modifies the code directly by gaining access to a machine on which it's stored - in which case the danger is no greater than it is for proprietary software.
- RF (dfelker@cnu.edu)
As OSs become more and more secure, virus writers will have a harder time continuing their craft and not being able to have their virus do as much damage even if they can write one. This is bad news for anti-virus software companies. They need viruses to exist and proliferate to keep "the threat" active so there will be demand for their product. Don't you ever suspect that they're designing new viruses themselves and releasing them into the WaR3Z community to spread 'em?
Well, the press rarely has correct definitions of anything, but most of the people whining about the correct definition of "hacker" are ridiculous. You did not say what your definition was, but I suspect you are the type who tries to relabel real hackers as crackers and take the word hacker to mean just about anyone who uses a computer. *yawn*
I guess it does not really matter what you call yourself, but please spare us the whining.
It seems pretty elitist to assume that the English language is all-encomposing and, consequently, has no need to evolve at all. All the words in our language right now have come from people using them normal day life. If you don't like this, maybe we shouldn't have any words in our language at all.
That's a pretty tight description. I'd call a cracker anyone who does a lot of destructive shit to networks and information...or something like that.
I want to be able to say "I hack Linux" without being stared at as if I'd just said "I rob banks." There's no other widely-recognized word for what we do.
Some crackers *are* hackers - the ones that are smart enough to find security exploits themselves. (I don't see what's so interesting about doing it, but it still takes the same kind of smarts the rest of us use.) The rest are vermin, and I for one resent their trying to corrupt a useful word.
Linus is a hacker
L0pht is a lamer, i mean, a cracker
I am sick of this. I want you to do yourself a favor. walk out of your house, find some random people and ask them what they think a hacker is.
I hate to break you little thoughts about
whats - what in the world, but 90% of the people will answer the question with "someone who breaks into computers". Diferentiating between people who design and write exploits, & have some skill (hackers)those who don't (crackers) is no problem. The thing is that you want to say "hey, baby, I am a hacker. Breaking into computers? No you got it all wrong, hackers don't do that. I am a hacker."
You make me sick. Get a life.
I'm so sick of hearing ppl rant about crackers becoming 'the next mitnick', as if he were some sort of leader in the hack/phreak scene.
Mitnick was a script kiddie, not a leader. He didn't find his own exploits or write his own tools. He was a begger dork.
Shimomura even sniffed sessions of Mitnick begging jsz (someone with an actual clue) for exploits.
If you are too stupid to figure out that 'proprietary' software is a fact of business then maybe YOU are too stupid to continue pursuing a job you are so obviously unfit for...
I was there. Some magazines like TAP tried to spread the word about blue boxes. But building one implied that you whip out a soldering iron and construct it from discrete components. Not impossible, but it took some organization.
Once I got the whole mess assembled and beeping,
there were stability problems related to battery drain. It was difficult to locate a frequency counter to tune the box.
I stuck with it, though. When the 555 came out, that solved my unstable AF oscillator problems.
And made the assembly process much easier.
Anyway, that is how it was. We had a lot of wannabes even back then. I agree that the entry barriers seemed a little higher because of the hardware requirements.
These days, you must be very sophisticated to succeed. And the stakes are higher. People are looking for trouble and they will bust your ass.
I have a house, a family, etc. People depend on me to put bread on the table. I think I'll sit and watch the new generation. More power to you.
HeY aLl Of Us HaCkErZ aNd WaReZ D00Dz Be Da ElEeT.
We KnOw ThAt We ArE C00L BeCaUsE We TyPe EvErYtHiNg In ThIs AwEsOmE UpPeR L0WeR CaZe WaY
YoU TuRdS ThAt DoNt TyPe ThIs WaY HaVe ZeR0 C00L.
HaCk ThE PlAnEt!!!!!
Okay...so you're saying that 14 year olds download scripts from rootshell and use them, and they *think* they are the next Kevin Mitnick?
Hey guys...Kevin's nothing but a carder, script kiddie and general insult to the rest of the computing underground. It's fashionable to say
"free mitnick" but I dont want him out of the slammer. Anyone who can code in C can shit all over Mitnick. Mitnick is a loser baby, so why don't you kill him?
AntiOnline is a bunch of horse-shit. I mean, the guy interviews Analyzer and buddies.. and takes him seriously. Earth calling Reality, come in Major Tom..
I thought the whole BO thing was a little comical, although cDc's ``foreign minister'' seems to be saying some quite intelligent points, so kudos to him.
What I think really sucks is 14-year old script kiddie twerps who do nothing but sit in shitty wannabe-cracker chans, download scripts from rootshell and use them, thinking they are the next Kevin Mitnick.. kinda sad, really?
This brings up something I've wondered about. I'm not sure if I'm worrying over nothing, or if this is a big class of threats that's not being addressed.
Malicious developers could hurt linux by contributing bad code. Anyone with money who had an intrest in hurting linux could pay people to do it. It wouldn't be expensive.
Code that just doesn't work or which is needlessly inefficient would probably be noticed and fixed. But deliberately introduced security holes are another story. They don't give any external signs of their existence.
To me, it seems like the history of computer security proves that any possible attack, no matter how obscure, will be mounted. You can't ever say, "well, that would be possible, but no one would actually do it." They would, and they do.
A couple of weeks ago, somoene posted a link to a famous paper (can't remember who wrote it, sorry) about infecting compilers with code that puts backdoors into the programs that they build. It's extremely subtle, almost impossible to detect, and even if you compile a new version of the compiler and start to use it, you're vulnerable.
More recently, there was a story about someone who cracked an important linux ftp archive and installed his own copies of system software.
I think we ought to start thinking about these issues more seriously, and to try to develop a model that can resist them.
It seems to me that ee need more rigid security standards, ftp servers with audited security (at least the major ones), and code review policies for core packages.
:-D bwaha, sorry. Couldn't resist. Oh, the good old days.
Read Heinlein's 1953 Revolt in 2100, now more than ever.
----
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
Actually, there are some interesting things about Ebonics that aren't in proper English. I don't know much about it but I am still interested in learning more. The 'habitually' modifier, 'be', for instance. It's not just 'is', at all. There is an implication of frequency. For instance-
;)
"He hacking" -means he is hacking.
"He be hacking" -he always hacks, he is a hacker.
Thus, constructs like "He makin' sense but he don't _be_ makin' sense" which means "He is making sense but this is unusual enough to point out that usually he doesn't make sense".
-Chris be nitpicking
Whyyyy, back in MY day, if we wanted to hack something we had to do it the hard way, with a pick ax or hatchet! And we didnt HAVE these fancy computers you kids these days to...we use mainframes that would fill a small airplane hanger, and we LOVED it, damnit! We bootstraped everything by hand, and again we loved it! Oh, excuse me, I have to take my medication now.
---------------------------------
HotsOS home http://hotsos.8m.com/
That's like saying, "Thank God for all the murderers, rapists and tax evaders! Otherwise, our policeman would be out of jobs!!"
Your "white hat" hackers are far more of a boon to the security industry than the "black hat" crackers.
They're talking about crackers, not hackers...Goddammit!
Isn't it nice to be idealistic?
*sigh*
I only wish I could still have your optimism, and still make a living in the real world.
- Sean
- SeanNi
- SeanNi
- #include "standard_disclaimer.h"
before i even got to the bottom of the post.
"Genius may have its limitations, but stupidity is not thus handicapped." --Elbert Hubbard (1856-1915)
The guy didn't even mention LoD in spew on old-school hackers. Instead he mentioned l0pht as the oldest and most respected hacking group :) (ya right) Also, who the hell are the Masters of "Downloading"???
it was Brian Kernighan, for crying out loud!!!
and the backdoor was in the AT&T C compiler for Unix!
oh, you're right. how embarassing.
I have to admit I find it pretty ironic that an Anonymous Coward is calling the L0pht a lamer. For starters, the L0pht is an organization, not a single person (which could be a simple grammar thing, but just to clarify).
In addition, I would hardly classify as crackers an organization who, among other things, find security holes in supposedly "safe" software, then proceed to expose said holes through public Security Advisories. As far as I'm concerned, their work is a great service to the public (ie, I'd rather have them find holes in major software than others). Take a look at their page for more info.
The comments to the article are in red.
Attrition.org's dissection of mistakes in ABC News article on hackers...
diva Pasty Drone NewsTrolls, Inc.
Without people like L0pht, we would have no privacy, no security and no idea that we lacked both. (My US$ .02)
On a security note, check out my new Windows file system DoS attack. FAT filesystems are naughty.
Ex Machina "From the Machine"
xm@GeekMafia.dynip.com [http://GeekMafia.dynip.com/]
Ken Thompson's paper is here
SteveM
AntiOnline was mentioned in the article, is anyone else having trouble getting to that page today?
I got to it once, and it just said "hello2"
It's kind of painful having grown up in Lubbock with daemon roach underground (a bbs of CDC fame), and recalling posts that were immature, boastful, and at times raunchy, but part of a community, and then I realize that there isn't really much of a place to do the same now. The places that spawned bored adolescents such as death veggie do not exist now. All that's left is either the more reserved and on-topic places like /., and junior-high-child-frequented 2600ish places. There's no place left to rant, be amused, amuse someone, and learn to play with computers.
Kevin, if you're feeling at all upset about the scriptkiddies, chastise your underlings...in public, if possible. BO's not much more than an annoying prank.
Just like # has multiple definitions, so does hacker. Find something better more constructive to whine over.
One of the reasons that many of us have jobs and one of the major concerns of the of the idustry we are in is security. I actully think that crackers, how ever ethicly misaligned, are a boon to us. The fact that they exist gives us several things. First they give us a real and preasent threat, both to explain the necessity of secutity and also to keep us wary. Second, because of the nature of the cracker sub-culture the cracks or the methods used for the cracks are accessable to us and thus we learn our weaknesses. Because crackers are vocal we learn about each potental problem quickly, if instead the real counter posibility of idustrail espionige, who would be less likely to be vocal.
Spyder
Once again, the press has a differing definition of the term "hacker" than I do.
last i checked, l0pht had received
quite a few "thank you"'s on bug
lists and the like (including red hat
site errata)...
what have YOU contributed lately that
makes you worthy of calling l0pht a lamer???
"All that glitters is not gold"
If we think most of the cracks on companies come from kids who are using the right tools to the wrong ends, then why is it 72% of the corporations immediately think their competitors are responsible. I know I'm paranoid, but 72% is extreme paranoia IMHO.
And another thing, why the hell are hackers getting all the negative publicity when the companies think their competition is responsible? I know half of the reason is due to the media's lack of knowledge on the definitions of "hacker" and "cracker", but there's gotta be more to it.
Cordova
shrug -- Can't lurk all the time --
My microbes must have translated that wrong! - Aeryn Sun
You can anounce to potential employers that you are a hacker but you have to be careful about it. When I was hired it was a well known fact that I am hacker (not elite) and I made it well known that I am a white hat (you gotta stress that). Unfortunately the security culture where I work is down on hackers and wants any employee who knows a hacker to report their activities to security. This keeps me on my toes but angers me in that I could be fired for just doing my job!
Neil Cherry - Linux Smart Homes For Dummies
A) I type faster than you ever will
B) I can spell
C) What I type is legible ( that means that you can read it)
D) Most people write their own code. KIDDIE
A) I type faster than you ever will
B) I can spell
C) What I type is legible ( that means that you can read it)
D) Most people write their own code. KIDDIE !!
Here it is:
The internet counterculture used to predominate and have something relevant to say. As it became profitable to be a geek, money changed everything. Life isn't so bad when you make $60k/yr.
But as far as I'm concerned, hacking is a methodology, not limited to computers. If you can't "hack society" or see what the fuck is wrong with it, and you just sit there in your corporate cubicle sneaking peeks at Wired, then you don't know what the hell its all been about.
I grew up in the 80's telecom scene, which was highly subversive, and I stick to that today, with even more experience and knowledge.
The internet used to be about changing the world, and for a lot of people it still is. Just because a bunch of hackers have turned into Dilbert just confirms what everyone knows: throw money at a counterculture and you completely dilute its effect.
In other words, changing the OS at a corporation is not revolutionary. If it isn't subversive, it is irrelevant.