Slashdot Mirror
Impressive 'expose' on Hackers in US News
MrsMalkav writes "In light of all the other hacker
'exposes' that have been going on, this one article
is really impressive. It even has the correct distinction between
crackers and hackers (God forbid). They even mentioned
'script kiddies'..."
Reading Slashdot as I usually do and this story seems to be posted at 8:32 EDT Thursday 10th June and I'm reading it at 14:55 BST Wednesday 10th June. By my maths with BST being GMT+1, EDT is GMT+18!!!!
;o)
Where can I get the time machine from guys?
I think you're reading way too much into this.
Back Orifice is a name chosen by cDc, spoofing "Back Office." Obviously it has scatological connotations, but that's the name of the software, so what else could the writers of the article do?
Likewise, the term "back door" is probably thousands of years old, and is being used in a perfectly straightforward manner. The sense in which they're using the term is way more common and relevant than the gutter slang meaning of "back door."
...this is coming from someone who uses the name "RimRod"?
:)
Just kidding.
While Windows may not be the most stable operating system, and can get downright frustrating at times, it's good enough for those people who don't spend hours on their computers. I ran linux all during the school year, but now that I'm home I'm using win98 and WinNT. I've seen them crash on total 3 times in the last month and a half. Tons of people saw my Linux box, and heard about its stability, but they just weren't impressed. Only one of my CSE friends tried it out, but it was too much for him and he deleted it in a week. The masses aren't so ignorant as you would think
Funny how these cracked corporations are so willing to drop charges if you'll just shut up and not reveal to the world, or more importantly, to the company stockholders, how wide open and insecure their corporate LAN is. And what's with the FBI? Give us your computer, but you're free to buy another. Huh? Sounds to me like they're more interested in collecting booty than in "making cyberspace safer". Replace "computer" with "gun" and see if the FBI will let you turn in your gun after the robbery but still permit you to buy another. Yah.
No crackers are claiming they are hackers.
Hackers don't break the security of any system because they don't find funny at all, just completly lame
and sometimes you just need to crack a system to annoy someone
who's cowardly advertising shit on his site (whitepower.org was hacked), so there you go!
Yes: just fuck Free Speech.
try issx
"Hackers don't break the security of any system because they don't find funny at all, just completly lame"
So what exactly do they do? How do they find security holes and flaws, etc etc?
I was thinking the same thing. The FBI needs to keep his entire computer as evidence? What, do they think they're going to find "hacking evidence" on his sound card or something? The only thing they'd need would be the hard drive(s). I figure it probably _wasn't_ as much a matter of the FBI saying, "We'll have to keep this, but you can go free", as a matter of the FBI taking it, then deciding not to press charges, and saying "You want your computer back? Go ahead, try and sue us for it..." Take a look at http://www.fear.org.
i'd say the "especially dangerous" ones are the crackers distributed these 'scripts' in the first place.
Yes, sharing information is such a dangerous thing right?
yes, let's go after these people who distribute these programs without caring how they are used.
Then let's go after the physicists, because their discoveries can be used to make nuclear weapons, put them all in jail, the world will be a better place.
And if the engineers and computer scientists hadn't designed distributed networks, we wouldn't have this problem now, we should arrest all of them too.
Stop whining and deal with the facts of the universe as we now understand them:
Mindless destruction is part and parcel of male adolescence, most of the people who post here were teenage assholes from hell once, although reading their posts you'ld think they were all fucking priests.
If , as a teenager your first response to someone telling you you couldn't do something wasn't to try your best to do that thing and only that thing for as long as you could, then you weren't much of a teenager.
Know i must admit that there are great Crackers out there,but the majority are little 16 yr old punks with nothing more to do than to exploit some server with a program he DOWNLOADED! He didn't put the effort to think of what it does and he sure as he*l didn't make it.
the kiddies who download scripts today turn into the people who write the scripts tommorrow.
That's how you learn to program.
You run a program and see what it does, then you look at the code and take it apart. Once you understand it, you write your own.
hey, script kiddies, don't let them get you down. They're just pathetic pieces of shit who wish they were young and wish they had guts, instead of being stuck in shitty admin jobs where they don't know what the fuck they're doing and need someone to blame their screw-ups on. You can take them, they're old and weak........
Slashdot's has some sort of time misconfiguration, either that or the perl scrips that process the comments live in the twilite zone.
It's all quite noticable from Japan. Where it is now 16:25 on June 10th, which would make it 00:25 on June 10th West Coast USA and 3:25 on June 10th East Coast USA.
Ok, I'm going to hit the submit button now, let's see what the time stamp sez.
Dude, I prefer the more politically correct term "White Trash". You know, like it "White Light, White Heat, White Trash..."
anyway, let me digress in to emptyness a little further...
The term Hacker has some root in American History with regard to fringe religous movements. I beleive Hackers were the folks who provided the Shakers with the wood for their furniture...
...and for these of you who just "don't get it" (i.e. the mentally impaired) that's a joke and a damned funny one at that!
Yeah, two year, one $65K a year job and no charges later, I'm still waiting for my gear. My lawyer say I might get it back before the end of the year, but somehow doubt that it will be in the same condition.
All because the network administrators at one of the nation's most prestigous universities (stanford, if you must know) can't keep the telnet hijackers off their systems. pathetic...
Moral of the story:
Don't go to stanford, don't work for SAIC, don't sign super restrictive pre-employment contracts and don't trust ANYBODY (not even your own fscking mother). If authortities come knocking, run, don't walk to your nearest lawyer. Your first instinct will be to help catch the bastards who used you as cover, but the heat just wants a name to use for the "To:" field of their summons paperwork. If you've got a past (speeding tickets, teenaged shoplifting, anything), you're an obvious recidivist who needs to be taught a lesson.
Anybody know a good employment lawyer who want to take an interesting case on commission...uh I mean contingency?
I consider myself young (gee 19 years old isn't that old
All people that don't like script kiddies aren't sysadmin that are bored by these stupid kids, some are people that would perfer these scirpt kiddies to grow up and do useful programs.
If when script kiddies grow up they write scripts for other then they haven't really grown up, htey just have more knowledge but not more wit.
Writing programs to know about computer security and test them can be interested but if they distibute them to allow people without knowledge to harm other people they are less than shit.
The only crackers I have respect for are the ones that try to find new security holes, not those that use old ones to harm people. of course you first need to learn with old ones, but when you know them well why continue to use them?? That's not interesting any more. What is interesting is to find new holes and be the first to find it. This is more interesting and also more mature because this can help to patch not yet discovered problems.
try to grow up kids.
BTW: being youn dhas NOTHING with how old you are. being young is a mentality. Script kiddies have not the mentality of young people, they have the mentality of stupid people, they just happen to be teenagers.
Crackers are also hackers, they are the same
words for different people. Okay, script kiddies
are definitely no hackers. But people with elite knowledge of a system, who can break into a "secured" system is also a hacker. Just like a ball can mean that thingie which you use for soccer and those thingies in your pants. It's just confusing for people who don't really know who's doing what....and sometimes you just need to crack a system to annoy someone who's cowardly advertising shit on his site (whitepower.org was hacked), so there you go!
Posted by Mike@ABC:
Yeah, this piece is an ad for ISS. They certainly should've called other so-called "white hats." And I would've liked to have seen comment from the cDc or other hackers in response -- they're NOT hard to reach, and they're generally nice folk.
However, this piece does give a pretty good thumbnail sketch of hackers, crackers and kiddies, and lays out the basics of how things work between them. U.S. News readers likely don't see much of that, and it's good that someone got that stuff right for a mass audience. I've covered the hacker community, and believe me, it's hard!
It really is a shame they didn't use more sources. That would've made this story truly l33t!
Any ideas?
Werd.
Some groups and people are grey hats; shady characters, but still make useful contributions. I wonder what they'd say about L0pht...
is at http://cgi.pathfi nder.com/time/digital/daily/0,2822,26529,00.html
This one with quotes from Eric Raymond and Emmanuel Goldstein
less talk, more synthohol
They seem to be traded on NASDAQ.
Regards, Ralph.
There seemed to be some disfavour upon hiring "Black Hats". This seems entirely logical to me: who could better aid you than an ally of the people you are trying to stop? There are of course concerns, like 'are they loyal?' and 'are they gonna crack us instead?'.
I like the bit about "NT is too unreliable... (et al)". Ha ha.
PS: I wonder what the intersection of the Script Kiddie realm and the Warez D00dz realm is like... most likely it looks like a 14 year old's bedroom.
Four-digit slashdot ID. Recognize.
All in all this is a very good article. I have one problem with it, though, based on a silly little thing which doesn't have anything to do with the topic of the article:
Last summer also witnessed the debut of "Back Orifice," which grants unauthorized users remote access to machines running either Windows 95 or Windows 98, the operating system of choice for most home computers.
Last I checked it wasn't the OS of choice, but of taciturn consent. Didn't work for Louis XIV... Ahwell. Otherwise I'd love to see more articles like this.
---
"'Is not a quine' is not a quine" is a quine.
"'Is not a quine' is not a quine" is a quine.
Quine "quine?
I think some people don't realize what a "coup' de-ta" this article is. I have been reading US News and World report for 5 or 6 years, I have watched their political nutrality dwindle. They are a big business magazine, typically with republican style adds and endorsments. That all but spells out guess what other financial relationship... I have spotted as many at 10 full page Mircrosoft ads in a single 45 page magazine. The ice was broken a few months ago hey did a feature on Linus, Eric Raymond, and Redhat, but that was really the first mention of Linux ever.
The shocker was this line... "Security profesionals deride Microsoft operating systems, in particular, as porous and unreliable, often crashing and leaving themselves open to attack."
The staff at US News has got to think Microsoft is a dead duck in the evolving OS war to defect. They get BIG bucks from M$. Lots of CEO's read and base there market decisions on US News. This could be a very important gauge of things to come.
Novel theory: Modern Man evolved from psychopath
Rather than claim to have an original bone in my body, I found Hacker News Networks description of the article a little less glowing. I also wonder if the Greg Shipley mentioned in the article is actually Pete Shipley.
From http://www.hackernews.com/arch.html?0608 99
ISS Gets Free Advertising
contributed by lamer
Here's a nice 'adverticle' for ISS. ISS must be really wonderful because they have "tangled" with cDc, that horrible hacker group that makes Microsoft's life "miserable". I don't suppose it's possible that MS makes its own life miserable by putting out 3rd rate software? Nah. And I don't suppose it is possible that the author of this article did any research other than contacting ISS? Nah.
Why can't I moderate something "Wrong" or at least "Grossly Misinformed"?
enough with this "correct distinction" nonsense. One article isn't going to make a difference. Hacker is always going to be a bad word after that movie where that kid almost sets off WW3
---
Suppressing the speech of another just because it dosen't happen to be your favorite flavor is just wrong. It wouldn't be right of me to walk into your house and start trashing your place because I don't like the style of your jeans. Maybe I hate people who like blue jeans, because I happen to be a black jean wearing person. As long as freedom of expression dosen't hamper someone else's rights, then the person has a right to express himself in whatever fashion so chosen.
You support damaging someone's property because of their views, yet I doubt you would be too happy if a nazi guy kicked your ass because of your views. Just because you don't like someone's ideas dosen't mean you have the right to suppress them. Is mindlessly destroying someone's property going to change anything for the better? Using my previous example, would you suddently realize the error of your ways of wearing blue colored jeans and become 'enlightened' to the ways of black jeans? Many, many people have been killed and tortured because of this kind of ignorant intolerance.
It appears that `lamer' has chosen a good handle for himself. Anyone reading the article would notice that the article itself quotes several notable people as saying that Microsoft's poor security is a major part of the problem, and that many non-ISS people (e.g. Marcus Ranum, who pioneered firewalls as we know them today, and is directly quoted attacking NT's security) were interviewed. The author obviously did plenty of research.
While the article is not perfect, it's about the best thing I've seen in the mainstream media on the subject. Yes, ISS gets more plugs than they perhaps deserve. But you can't do a "white hats vs black hats" story without interviewing the best-known and most financially successful white hats.
"some system administraitors dispute the distinction" (between 'hacker' and 'cracker'),
unless they just mindlessly lump them all in the same catagory as 'unprofessional computer tinkerers' - hacking, or rightly put, 'experimenting' is an essential part of learning, (sometimes by mistake or trial and error) and needn't be kneejerkingly associated with malevelant criminals.
Chuck
try { do() || do_not(); } catch (JediException err) { yoda(err); }
"Security professionals deride Microsoft operating systems, in particular, as porous and unreliable, often crashing and leaving themselves open to attack. "Windows NT is slow, it's buggy, and we don't trust it," says Marcus Ranum, founder of the security software company Network Flight Recorder, who faults NT-centric networking strategies for contributing to decreased security."
I don't think that the Slashdot community will ever come up with a term for people that try to break into other computers that will satisfy everybody.
I think "cracker" is a much better term than "hacker," though.
George Orwell's _1984_ came up with an interesting way to "prevent" crime by removing words for the different categories of crime from the language (double speak). So, things like rape, murder, stealing, and presumably taking too large a deduction on your income tax could only be expressed by the word "crimethink." Apparently, if you can't express the exact nature of the crime, it may be harder to commit.
I think the term "script kiddies" is perfect for some of those with too much time on their hands, since the term is so patently offensive to those that are being described.
If you want a better word than "cracker," you might want to consider the much simpler (and more Orwellian) "low life." [smile]
My own opinion, of course.
--
"May I have ten thousand marbles, please?"
This is my favorite quote from the article:
"Windows NT is slow, it's buggy, and we don't trust it," says Marcus Ranum, founder of security software company Network Flight Recorder, who faults NT-centric networking strategies for contributing to decreased security.
This is really going to help me overcome any remaining resistance to the idea of beginning a migration from NT to Linux at the company I work for.
Life's a bitch but somebody's gotta do it.
so it seems that ISS are running around jamming fingers in dykes
While Merriam-Webster says that "dyke" is an acceptable (mostly British) spelling of that particular word, in general, I thnk it's more socially acceptable to jam fingers into "dikes".
pooptruck
I'd classify the "script kiddies" as dangerous. My system is pretty much immune to them, sure, but their attempts create so much security-related "noise" that the attacks by truly competent crackers get buried in the logs under tons of garbage.
i'd give him especially annoying. i'd say the "especially dangerous" ones are the crackers distributed these 'scripts' in the first place.
Actually in one way script kiddies are more dangerous than crackers. Crackers generally are more knowledgeable, and better at covering their tracks. This in general means that they usually don't do malicious things or disrupt the general operation of systems because that would give themselves away. Script kiddies, unfortunately are often malicious little brats who don't have the self restraint not to trash things or are clueless morons who unintentionally destroy things.
White hats, black hats... what about Red Hats?
It certainly isn't a black and white world, and I think that the author of the US N & W R article realizes this, and I'm sure most of
I suppose it's inevitable that stronger and stronger countermeasure forces (like the ISS etc.) will emerge, but it ups the stakes. The "[Crack|Hack]er war", _like_all_wars_ can only escalate.
Only by getting more secure products out there, and/or educating admins, I think, can the hacking *problems*-- the really anoying (pointless web page defacing) and wicked harmful (destruction of important data, theft of cc #s)-- be reduced.
Either I really don't understand what a hacker is (I'm not one yet, just a wannabe but thought I understood the def) or they are wrong or i really don't know how to learn English.
The way I understood what they called hackers or "white hat hackers" in this articles are people that are on the other side of the fence and help do network protection (like ISS). If this is what the article is meaning I don't agree that it is the definition of hacker. Maybe the guy at ISS are hacker but this isn't that that give them this distinction.
For me a hacker is someone who belong to a human society that have the characteristics (the society) to have a high global technical level in computer science domain and is a society of gift. That is I'm a hacker not only if I am a good at using computers (knowing how to use a spreadsheet doesn't count of course) but also if I do something to the hacker community and agree with the ethic of this community. I personnaly know how to use computer (there is a lot of things i don't know but I know how to learn them for most of them) and i really love the hacker ethic, but having never done anything for the community (writing free software, maintening/traducting an howto or a manual, administring a mailing list/a website...) I don't call myself a hackerm just a wannabe (and a newbie).
I am the only one that understand the word hacker like that (in the main line at least)???
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." Bill Gates,
The problem with Hacker is that it now have two different meanings in the same domain (computer science) and that these meanings are totally different (on refer to something illegal and stupid the other to something legal and not stupid at all).
If we use Crackers to refer to people that break into system computer we have the same problem but "less worse". I don't care that it may refer to people in the south of the USA because this meaning is not computer related and therefore isn't that annoying. I care more that it also refer to people breaking software security in order to copy them because they both are computer related.
So we end with either calling these two groups crackers and referring to them as people cracking software security and do a distinction between two or three groups, those that crack software securities to gain the control of a computer (the hacker/cracker crowd), those that crack software securities in order to be able to redistibute these softwares (the warez crowd) and optionnaly those that do DOS (Denial Of Service of course) and Script Kiddies (they often are the same i think).
Or we have another solution, find a new word for the hacker/cracker crowd (those that break into computers). If we choos this one I would propose breackers, not that I particulary like this word (but I don't care since I don't want to be one) but since they are breaking into computers that describe them pretty well. and if this word don't sound appealing why should we care? We don't have to make these things appealing.
Just my 2 cents.
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." Bill Gates,
Check out http://www.hackernews.com/arch.html?0608 99 for their take on it. Seemed like more of an ad for ISS and I tend to agree. Though, they did get the terminology more correct than most articles.
Do really dense people warp space more than others?
forget cracking though, think about hacking your own site!
--
Rare Window - free your photos
You forgot one of the oldest and most time-honored:
"One who makes furniture with an axe."
Wow Off topic but you actually were able to stay awake through that one...
Also whats so wrong with having scripts some newbie hacker kid didnt write them it was some experienced lazy sod that did and made them available for everyones enjoyment and learning.
Ya like i'd believe me if I was you!
Not to mention the fact that, buried near the bottom of the article, there is a pre-announcement of the upcoming release of Back Orifice 2000.
Do they have a beta program?
Geeky modern art T-shirts
"Hacker" means(in rough chronological order of emergence)
1) A driver of a horse-drawn carriage (hansom cab)
2) A Taxi driver
3) A not-very-proficient Golfer
4) a poorly-skilled pilot of Radio Control Aircraft
5) a certain type of computer programmer (i.e. one who hacks up a program rather than being more methodical about development.)
I suggest that we use the word "hacker" to refer exclusively to Taxi drivers, and refer to people who crack other's machines out of malice as "Vandals", "Jerks", or "motherfucking script kiddies."
We should also refer to allegedly professional sysops who leave holes on their hosts that you could drive a truck through, as "idiots", "Microsoft Certifed Idiots", and "useless payroll ballast."
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
I was very pleased to see this article. It's not perfect (somebody made mention of "grey hats," which isn't a common term to my knowledge, but is definitely descriptive of a few people I know), but it is leaps and bounds ahead of piles of previous articles I've seen on the topic.
And I was real amused at the description of security hole-stricken Windows NT as "porous." I'll need to remember that one.
I still say the term "crackers" is confusing...some people still view "crackers" as white people, or as Floridians, or as dumb southerners...aggghhhh!
Also like to mention that, apparently, dropping out of college can be good.
Dan
You look so stupid, happy, and numb...
This was a really good article. It was informative, clear, and for the most part accurate with its information and definitions. There's just one problem. The X-Force sounds just plain lame, and I think the authors of this article knew it. Consider such choice lines as:
"This is where Cult of the Dead Cow released Back Orifice, ostensibly to expose Microsoft's security shortcomings."
"...Rouland got a copy to Jon Larimer, the X-Force's 'back door' guru."
If they're not trying to imply that these dudes are gay, be it intentionally or unintentionally, then I guess I'm just the sick and peverted one.
-
Yea Yea Yea weve all been through this, so why is it that people give hackers a bad name. it is because the crackers are idiots, the search for ways to break, destroy, and demolish systems without the care to cover tracks or with out thinking of the consequences. Know i must admit that there are great Crackers out there, but the majority are little 16 yr old punks with nothing more to do than to exploit some server with a program he DOWNLOADED! He didn't put the effort to think of what it does and he sure as he*l didn't make it. So to all you little suckers out there that are downloading programs to break into systems or to grab some info, STOP! or make the program your own damn self and realize what goes into hacking, then mabey you'll learn that it isn't the fact that you broke into a system but that you CAN break into a system and don't!
KODE
so does that mean that it is okay to put kiddy porn up? bull sh*t. I will give rights of free speach so long but you know what there are some that don't deserrve it! i am sorry but you bring a good point, and i do agree its all or nothing, but sometimes its just your morals. So when the question comes up, my answer is yes they do deseve the right to free speach, i just don't want them to have it!
Yea Yea Yea weve all been through this, so why is it that people give hackers a bad name. it is because the crackers are idiots, the search for ways to break, destroy, and demolish systems without the care to cover tracks or with out thinking of the consequences. Know i must admit that there are great Crackers out there, but the majority are little 16 yr old punks with nothing more to do than to exploit some server with a program he DOWNLOADED! He didn't put the effort to think of what it does and he sure as he*l didn't make it. So to all you little suckers out there that are downloading programs to break into systems or to grab some info, STOP! or make the program your own damn self and realize what goes into hacking, then mabey you'll learn that it isn't the fact that you broke into a system but that you CAN break into a system and don't!
KODE