Slashdot Mirror
Interview: Grill John Vranesevich of AntiOnline
Before you start posting questions for John, you may want to learn a little more about him. First check his Web site, AntiOnline. Then take a look at this story about him in The New York Times (free registration required). And, for a sample of the kind of animosity John has stirred up among some members of the "inner circle "hacker/cracker and computer security crowd, you might want to check this site, too.
We expect this interview to be full of fire. Fine. We have our flameshields set to "high." But realize that the questions we forward to to JP Tuesday afternoon are subject to our usual screening process; we're only going to send him the 10 - 15 questions deemed most interesting and/or relevant by Slashdot moderators and editors, so please try to be as level-headed as possible.
John's answers will appear Friday.
Why are you hated so damn much and do you care?
Hates people who have stupid little sigs
1 (and only). Do you honestly consider yourself a computer security expert?
http://windows.scares.us
What's your opinion on the security of wireless standards like 802.11? Are devices like the AirPort secure enough, and if so, for how long?
I use Macs for work, Linux for education, and Windows for cardplaying.
Seeing slashdot contribute to the fame of such a character just really disgusts me. Everything I've read says that this guy is a self-promoting nobody who doesn't know his stuff, and everything I've seen him do involves him sueing someone because they came out and said as much. The only question I have is why he even thinks he deserves to be interviewed here. I've never heard of anything positive coming from him and I've heard of a lot of negative stuff
-Mike
Mr Vranesevich:
Having read many accounts of your interactions with the staff of attrition.org, it seems to me that your claims against them are generally unproven and rash. Their rebuttals are always filled with detailed fact and systematic, step by step analysis of the topic at hand. Please clarify why you feel that attrition.org is such a dangerous force, yet you have neer been able to present HARD EVIDENCE to that point.
--
I live in the ocean
Four-digit slashdot ID. Recognize.
How do you define your current role?
-and-
How do you see your role in the future?
I once read slashdot. AFter seeing their promotions, whatever it may have been, that
little hyper text link to AO. I will no longer
read the site. You are helping one of the most
worthless sites on the Net. Run by someone who
many would classify as a criminal. A narc, and
a liar. Someone who puts up a worthless site,
has allegdly PAID people to hack things just
to get more hicks. Someone who is in bed with Carolyn Meinel, and a person who doesn't know
his ass from a hole in the ground. What a worthless piece of shit.
What, if anything has changed since the entire packetstorm debacle? How has this affected you? Have any policies of yours, be they personal or public changed since?
Many of us in the hacker community (not cracker) used the Packet Storm security site for information and research. You had it shut down for some alleged things in the /jp directory. Explain to us why you called Stanford to shut it down rather than dealing with the maintainer. What did you accomplish by threatening to sue other than futher harm your image and remove any creditbilily you had?
-Davidu
# Hack the planet, it's important.
There are a lot of security information sites on the net, of varying quality. Why should I read AntiOnline? I Suppose I'm wondering what you feel that you're adding/offering that makes you unique.
thanks
-nme!
What were your most important works in the security related area, ie. posting to relevant(!) mailing lists (let's say bugtraq, ntbugtraq, RISK), articles in magazines, papers or lectures?
...from a loyal /.'er
Don't send this guy a dang thing. Everything I have seen from both his side and those of his detractors has painted him as a sham and a joke. I really don't give a sh*t what he thinks, I know his opinions are biased and baseless. Don't taint what have been quality interviews with this tripe.
+&x
I was wondering if you had any plans to work with new security expert John Dvorak in the future? With your notoriety and John's media connections (not to mention his $40 firewall) it would seem to be a partnership guaranteed to strike fear into the hearts of evil h4x0r5 everywhere.
======
"Rex unto my cleeb, and thou shalt have everlasting blort." - Zorp 3:16
Sacred cows make the best burgers.
It is a shame to see slashdot come to this, knowingly selecting highly inflamatory material with little to no redeeming value, for the sake of increasing banner revenues. I first noticed this with Katz, but now I'm seeing it with JP as well. Both are nothing but cheap hacks. It would be a waste of words to describe how and why, I believe the "editors" know full well what they're doing.
I've said it before, and i'll say it again; I believe slashdot may very well hurt themselves financially in the long run. Though these "articles" may create short term revenues, they detract from the site. I have little doubt that the real secret to slashdot is intelligent discussion. Katz and JP simply tear it apart--leading to flame and dogma. The people who participate vigorously in such discussions tend to be younger, immature, etc. People, such as myself, on the other hand, only have so much tolerance for this kind of behavior. When the more intelligent people (better contributors) leave, the heart and soul of slashdot will too. With out this certain intellectual vitality, slashdot will rapidly degenerate.
PS: I said I wouldn't, but I changed my mind...I knew JP a couple years ago on undernet (IRC) in #cha0s, and other such channels. He was, and always will be a clueless idiot. He is a horrible writer. He doesn't know the first thing about computer security. What he is, is an opportunist, and a not very intelligent one at that. The reason he is "popular", if you could call it that, is that he was in the right place at the right time. Namely, he acted as a conduit for the media when "Analyzer" (the moronic israeli hacker) did his thing. Since that time, he's been trying desperately to sensationalize everything and purporting himself to be an expert. In short, he's a hack.
What is the basis for your attacks on security Experts such as Attrition.org?
To Clarify the question:
Why do you proclaim them to be 'dangerous hackers' while they do essentially the same thing you claim to do, except that they do so better, faster, and more professionally.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
Why did you deliberately block links from Slashdot, HNN, and any other site who criticized you during the closure of Packetstorm?
Couldn't have said it better myself. I always thought /. was a place for intelligent discussion, not mindless kneejerking and childish tantrums.
And I am still the geek who whipped your lily white arse in front of the entire school. I'm waiting for you by the schoolgates tonight...
Strong data typing is for those with weak minds.
I remember visiting AntiOnline a few days after the packetstorm incident by following a link from slashdot, and being bounced with a message that read something like 'The page you are being refered by is a known hacker website...'
Can you please explain how you classified Slashdot, a site which reports news, does interviews, and encourages discussion as a Hacker website?
Kintanon
Check out JoshJitsu.info for Brazilian Ji
I say we flat out ignore him - he's of no value to the community. The only thing he does is stir up trouble and act as the town provocateur.
--
Why did you decide to let Slashdot interview you? How did the response you got compare to what you expected?
---- sonoffreak
Apathy truly is the coldest emotion. Nothing can freeze someone as cold as ignoring them. Completely. Utterly.
I am annoyed, however, that Signal 11 over there used a term to describe this tool that he tried applying to me once (as seen here.. well the reply to that, to be precise). Grr. ;)
~ Kish
But John Vranesevich?
He is arguably the most despised figure in the h(cr)acker community, with Carolyn Meinel neck and neck. Both of them follow the same ideals and public image. What's that? Being a FAKE. Vranesevich has shown many many times that he has absolutely no clue about real computer security, and has been proven beyond a reasonable doubt in my mind that he goes to disgusting lengths to get a story, i.e.: "Hey, here's some cash. Hack that site, and let me cover it." (Attrition's site has remarkable backing for this theory.)
What's more, Vranesevich absolutely cannot stand being criticized. Any site which puts up content that criticizes, parodies, or shows Vranesevich to be a fraud, he throws a fit, cries, and threatens legal action. Attrition, Innerpulse, PacketStorm all have received threats. (At one point, Slashdot ran a less-than-flattering story about him, and I E-Mailed CmdrTaco letting him know that he quite possibly might get possible legal action from JP. (Nothing happened, but everyone knew it could have.)
You may be wondering how I know all of this. Well, a long long time ago, JP was an operator in a very large IRC channel on undernet. I happened to be an op too. The difference is, I still am. He knows I know him, as does everyone in the channel. We knew him when he was a small time loser. He's still a loser, but now just big-time.
Which is why I'm puzzled, amazed, and quite frankly disappointed that Slashdot chose him for an interview. He's not at all insightful, and can't offer any kind of intelligence to this forum.
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
How do you respond to allegations that the FBI is investigating your knowledge of attacks before they happened and the accusations by some hackers who performed said attacks that you paid them or otherwise coerced them to do it in order to have coverage for your website?
Why do you feel that sites containing satirical humor based antionline are not protected by law and therefore open to your threats of legal action?
http://www.attrition.org/negation/t ml
http://www.attrition.org/negation/index2.html
http://www.attrition.org/negation/links.html
http://www.attrition.org/negation/www/tech.01.h
Can't find the article where JP confuses a nuclear plant in Israel with one in India. That was funny...
It's 10 PM. Do you know if you're un-American?
found it.
;)
http://www.reznor.com/news/cwd0899.html
I'm saving this one
It's 10 PM. Do you know if you're un-American?
I've kept one lazy Eye on the subject at hand. While I could spout my beliefs, I would instead like to give a listing of places to visit so you could make up your own mind. A good portion of what is out there is negative. JP has made a few too many enemies. And those enemies are quite vocal. OK, I will spout a little bit. I think most of what he has done is juvenile and a bit underhanded. However, I've never really heard his side of the story. JP tends to hurl inflammatory remarks towards his accusers instead of actually debating the subject. Anyhoo:
/ 0927.htm
i g=&restrict=&exclude=&method=and&words=ant ionline
o n&q=%2Bantionline+%2Burl%3Amsnbc.com&kl=XX &stype=stext
% 2Bantionline+%2Burl%3Awired.com&kl=XX&pg=q
% 2Bantionline+-url%3Aantionline.com&kl=XX&p g=q
http://www.attrition.org/negation/
http://kuruption.cha0s.org/jp/jp.html
http://www.forbes.com/columnists/penenberg/1999
http://www.antioffline.com
http://www.antionline.com
http://www.happyhacker.org
Try running a query on HNN's news archives:
http://www.hackernews.com/cgi-bin/htsearch?conf
Try specific queries with AO and certain News Orgs:
http://www.altavista.com/cgi-bin/query?pg=q&sc=
http://www.altavista.com/cgi-bin/query?sc=on&q=
Search Altavista for the keyword Antionline, but exclude any from that domain:
http://www.altavista.com/cgi-bin/query?sc=on&q=
I'm sure there is more, but I cannot think of any off hand.
Reality is like a Suitcase, we only take it out of storage when needed. -penfold
In your prescient wisdom were you somehow foreshadowing becoming the bane of the hacker and internet community when you came up with "AntiOnline" as the name for your site?
It's 10 PM. Do you know if you're un-American?
Are the rumors that you will be spinning off a sister site called Anti-Anti-Anti-Online to dispell the malicious accusations and deprecations of your obviously magnanimous professionalism and intellect and to further bolster the image of Anti-Online and your integrity as a computer-security-expect-guru-enthusiast, true?
It's 10 PM. Do you know if you're un-American?
by NME
There are a lot of security information sites on the net, of varying quality. Why should I read AntiOnline? I suppose I'm wondering what you feel that you're adding/offering that makes you unique.
by mochaone
Why are you hated so damn much and do you care?
by Rabbins
How do you define your current role? -and- How do you see your role in the future?
by platypus
What were your most important works in the security related area, ie. posting to relevant(!) mailing lists (let's say bugtraq, ntbugtraq, RISK), articles in magazines, papers or lectures?
by Kintanon
What is the basis for your attacks on security experts such as Attrition.org?
by imac.usr
What's your opinion on the security of wireless standards like 802.11? Are devices like the AirPort secure enough, and if so, for how long?
Additional question of my own:
Why are you so law-suit happy with your detractors and rivals? A lot of people have critized you for this, from fellow security sites to Forbes magazine. How does it help you (if it does)? If it doesn't help you then why do you do it?
"Katz and JP simply tear it apart--leading to flame and dogma."
/sparks/ discussion on issues. You have to credit him for that. He's out of his environment but willing to try and learn. To me that is the most redeeming quality in anybody. I think with even the most wrongheaded or overdone articles, Katz adds value to Slashdot. Nobody needs to make personal attacks on him. If he didn't care he could abandon Slashdot any time he wanted.
A lot of people like to take pot shots at Katz because it's easy. Sure Katz is often sensational and promotional...he can't escape his journalistic roots...but at least he
On the other hand, I think JP adds no value to anything. In fact, I think the net value of the system would increase if AntiOnline and JP were eliminated.
It's 10 PM. Do you know if you're un-American?
'The page you are being refered by is a known hacker website...'
"Can you please explain how you classified Slashdot, a site which reports news, does interviews, and encourages discussion as a Hacker website?"
And even so, what is the point of banning travelers who have come from a supposed "hacker" site. Is there something you want to hide from people who know better?
It's 10 PM. Do you know if you're un-American?
Though you're entitled to your own opinion, I disagree. Katz and JP are the same breed. Neither are interested in "learning". I don't really care how acclimated Katz is to the "environment"--It is irrelevant to me. Though, Katz understands the "environment" on slashdot better than most, in a manipulative kind of way --that which ills slashdot. He knows which buttons to push on the longhair, psuedo communist/Open Source/intellectual, liberal, pro-geek crap.
What I care about is the fact that he ADDS nothing to this world. If he wishes to write books, that is his business. But when he is given a forum on slashdot regularly, I take issue. The fact of the matter is that he has an incentive to write for slashdot, I assure you. Maybe he wishes to "signal" to the publishers that his books are popular, by directing slashdot readership to it, thus creating further demand for his books. Quid Pro Quo. Or perhaps, he feels that he can better sell books by understanding and interacting with the slashdot mentality, his readership. I don't know what his motives are exactly, but they strike me as entirely based in self-interest.
In either case, I don't believe he is sincere. Even if he is, he isn't adding anything that I want to read or discuss at length. Every one his articles has provided an alarmist or "hypist" tone. He also turns on his words repeatedly. In short, I see no redeeming value to his writings, and many downsides.
... and I always have been.
I want to know what this guy thinks. I am not worried about him becoming the next pariah or something merely because slashdot links to him!
We have others comparing this to interviewing Satan, or giving credit to those who deny the Holocaust. Well, to be honest, I would be curious to hear from them as well. But I do not need you, or others to formulate my opinions, protect me, or worry about me endorsing someone you hate.
From everything I have read, heard and seen, I can not stand the guy either. If he were standing on a corner in my neighborhood yelling to a crowd, I would most likely walk right on by. But this is a chance to read someone's opinions vastly different than mine and the great majority of those on this forum... and the great thing, is that he will be responding to challenges made from people who openly can't stand him. That is a little different than listening to him rant and rave. I simply like to hear different views, no matter how twisted, insane, eveil and stupid they might be.
Ignore him if you would like... you probably know a lot more about him than I do. But I want to hear from him, and I bet there are others who would like to also. If he is encouraged by this attention, well... so be it.
Aroung the time you changed Anti-online's "focus", I wrote an article about my personal experience with crackers. I submitted my piece along with my disapproval to your feedback forum and to osOpinion.com
I never receive any kind of response from you or anyone else in the hacker community. You all seem to be so obsessed with flaming yourselves and others that you fail to recognize the impact of your actions have on the rest of us.
You claim that now you are are on "the good side" but to the community at large you are regarded with extreme hostility, and your actions appear from many sources to appear to be nothing but imflamitory. I honestly ask you what good do you think you do when you have managed to ailinated most of the major forces involved in the security establishment?
I just checked out your site for the first time in quite some time, and I had to wonder something. First off, I'd think that a security related site would value privacy of it's visitors. But then, when i came across the LinuxPPC box that you adopted, you've posted hackers IP addresses and Host Names. I recall you doing that with a "hack attempts" page logging all the alleged hack attempts against your site.
This one puzzles me because the "attackers" aren't doing anything wrong. You've invited them to "attack" that computer. Yet you treat them with the same level of respect as you do any other "cracker"...
--------------
I tried to keep this nice and just address the issue at hand. Please, nobody start lecturing the difference between hacker and cracker! It's just he's got all this info posted here and, though it's one thing to make alleged attacks public, I feel it's another thing entirely to reveal the identies of people whom he's invited to attack his site.
That's all.
Considering ihs history of litigation threats I'm sure this entire interview will either be him defending his actions or a fluff piece to avoid getting sued. Either way it ain't gonna be much of a read.
Hey slashdot editors! I know you are busy, and maybe that's why you thought interviewing JP would be a great idea. I've already posted a comment on why I think this is a very bad idea. So I thought I would try and be productive. Here is a list of people who are of the right caliber to merit an interview (that is to say, try interviewing great folk like this FIRST before wasting your time and ours on JP):
(from the 1999 Free Software Award Nominee page)
Granted, some of these have been covered already, but maybe a handful at the most. I must confess to maybe knowing who 10% of these people are. I would sure like to know something about the rest of them. Just imagine all the cool stuff each of these people has to offer--why in the world are we looking to interview inflamatory, damaging people like JP?
Just trying to help :-) I figure 80 some odd suggestions should keep you busy for a while.
"Doubt your doubts and believe your beliefs." -- Switchfoot, Ode to Chin
What do you think about Carolyn Meinel? See any similarities?
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
You're just bitter from previous discussions with me. e.g.,0 /1253219&cid=136
http://www.slashdot.org/comments.pl?sid=99/10/3
1. I don't read his crap anymore. Though Katz hype articles DO take away from that "critical" mass that is formed in other discussions, thus hurting me.
2. I, and others, just might stop reading slashdot, if things don't improve. But I won't go without a "fight", so to speak.
3. I'm actually in the process of doing something much like that, though with a different spin.
4. Other parties are more than entitled to express their opinions, but that doesn't mean that I can't desire not to see it on slashdot. You'd hardly advocate Bill Gates' right to post FUD on here regularly...or KKK (et.al).
5. You're obsessed with "factual" arguments. Because the editors know what they are doing perfectly well, I do not need to "prove" anything. In truth, the only thing that really matters is that significant portions of the mature readership here object to Katz articles. Instead of wasting time, I provide them with a financial argument as to why they shouldn't shrug off editorial control.
Additionally, I don't need "factual" arguments. In fact, these "factual" arguments are numerous on Katz's articles--they ARE the problem. Though it is true that I have posted comments on a Katz's thread, I won't sustain the argument like many others will.
PS: If you think all action and argument must be made on "fact", then you're a bigger fool than I thought. Your notion of "fact" is statistics. The fact of the matter is that statistics are easily bent. There is a saying "There are three kinds of lies in this world: lies, damn lies, and statistics."
You don't need to know the exact statistics to know that driving drunk is dangerous, you can be reasonably confident though when you OBSERVE multiple friends that have died in such crashes that it is infact dangerous.....and pssst, Since when does Katz bring "fact" into his arguments? By your reasoning, since he lacks "facts" he can make no claims about: society, law, computing, etc.
Several months ago I was raided by FBI for supposed involvement with the "hacker" group gh. The extent of my involvement was participating, as a caller only, in illegally funded phone conferences. JP, who also participated in this conferences, labeled me as a hacker, and a member of gh on his "news" site. Neither of these accusations are true. He has many more ties to this and other hacker groups than I have ever had. My first question is this; If you label me a hacker, than do you label yourself one? Are you in your little database of supposed computer criminals? Secondly, How can you pretend to be taking a stand against "hackers" while you are involved in the same activities?
My third question is in regards to your coverage of the situation. You posted unconfirmed information from an unreliable source in regards to the status of my employment at a prominent software development company. As a result of this I was contact by several news agencies, and immediately stereotyped as a hacker even though I have never illegally penetrated any computer system, nor had I been charged with, or accused of any crimes by the FBI. In response to this I granted one news agency an interview, which I thought went well, but also backfired. As a result of the negative press my former employer could not even consider allowing me to stay. My question being, Do you expect people to consider you as a reliable news source even though you report data which you receive through unreliable channels? And lastly, Did you ever stop to think what the impact of your coverage might be? It seems to me that in your rush for the big story you have failed to check for the correctness in your articles, and as a result of this you are hurting innocent people, such as myself. I'm sure this has gone on in other cases, but mine is the only one I have enough knowledge to comment on. I don't attribute these unfortunate events to you, but you certainly did not follow good news practices in reporting them. You have only served to injure my credibility and your own.
Lastly, have you ever considered what legal action may be taken against you for your involvement with these criminals? Do you even recognize the hypocrisy of your stance on hackers being one yourself by your own definition?
Sincerely,
Jeff
After all, that is something Slashdot indubitably is! On the other hand, he seems to have been treating it as meaning the same as "Cracker" or "Trespasser", which few (if any) on Slashdot are.
(I suspect the few genuine "crackers" on Slashdot - note the difference between C and c - are very different from the sort of people he imagines. As for Script Kiddies, you get them everywhere. I think they're one of those Super Bugs that the medical profession is so concerned about.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Also, I noticed it's impossible to wander through antionline without tripping over bad spelling. Look at the first paragraph on that very same page.
The AntiOnline offices are located in the beautyful and rural...
So much for professionalism.
By the way, is it me, or are those computer tables converted exercise bikes?
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
i decided to glance at antionline one more time upon reading the comments here.i online&date=11-08-1999&story=trust.news
first thing i see:
Can You Trust Them?
Monday, November 8, 1999 at 11:06:49
Is the security industry your friend, or is the proverbial doctor selling you snake oil?
http://www.antionline.org/cgi-bin/News?type=ant
Read this. it is PATHETIC. Basically it is: jp bashing packetstorm! Apparently not content to dog it to its death, he looks at its new incarnation and, overbrimming with FUD, suspicious statements and things like "the information on packetstorm was compiled by MALICIOUS HACKERS!!".. my God.
I know only a little bit about the whole antionline/packetstorm thing. But even if i'd known _nothing_ it would be pretty obvious just from _reading_ this that this kind of nasty personal attack on a competitor is just totally uncalled for.. blech. i feel dirty having read it.
But you'd think that JP would have kinda sorta realized that having packetstorm shut down was a horrifying dirty act that made him no friends.. and at least had the decency not to immediately attack it once it is brought back from the dead. I guess not?
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
Sigh, you walk in midstream, put words in my mouth, and act like you should be an arbitrator. A couple points:
1) I put "fact" in quotations for a reason. Mainly because "fact" seems to have a very special meaning for mochaone. If you had read previous comments of his, you would understand this. For instance, he tells me that I have no "proof" that the US tort system need adjustment. Despite my being able to cite numerous companies that have been adversely affected by huge awards...including ones owned by family and friends. Yet, at the same time he effectively states that corporations are "evil" and need to be restrained by force of excessive lawsuits. That is just the tip of the iceberg, and low resolution at that...
2) Slashdot can do whatever it wants to do. That does not mean that I have to remain silent about it. I don't need any proof to say that I, and many others, are growing discontent with the editorial control on slashdot. If the KKK were to be given a podium on slashdot every other day, you're not going to spend hours trying to "disprove" every one of their claims. You simply KNOW it to be untrue, and have better ways to spend your time. Instead, you express your discontent to slashdot; in the hope that, with enough similar complaints, action will be taken. I simply know what Katz is up to, and I refuse to contribute to the problem (e.g., being on the other end of the flame fest doesn't extinguish the flames). Slashdot is not usenet afterall; it IS moderated and editorial controls are used.
3) My problem with JP has NOTHING to do with his use of unsubstantiated claims. JP (whom I know) flat out lies and intentionally distorts the truth. The problem does not lie in the proof, it lies in the person. He is a hack. So to compare me to JP is nonsense.
4) Katz doesn't use "facts". His position is certainly not that of the status quo--he is infact very much of a liberal*. You should try reading his drivel for a change. Futhermore, I'm not writing an article, merely a comment. Because of size and time constraints on slashdot, and particularly its temporal nature, I'm not going to spend a great deal of time "disproving" some silly point.
5) I don't purport every one of my statements to be scientific proof. That is an unreasonable standard, and nothing would happen if every comment had to fit to such a standard. Slashdot is simply not the forum for that. The fact is that there IS utility in a forum with REASONED debate, even if you don't have statistics to back up your claim. You can still develop an argument. However, that by no means, means that it must be swallowed whole and without inspection.
...anyhow, I've wasted enough time on slashdot for a couple days. Bye
[This is part of an unfinished letter I was in the process of writing to AntiOnline awhile ago... even before the Packet Storm buisness. I am very confident that it is an accurate evaluation of the kind of crowd sites like AntiOnline attract.]
/Please/ email me with feedback, questions, comments, or job offers.]
Hello.
I attend a high school here in a suburb of one of the major cities in the united states. Almost everyone here has a computer and it is just as common for them to subscribe to an internet service provider. Lately, it seems that there are many of these teenagers (or even pre-teens) are interested in computer security. (Or so they claim.)
This in itself is not surprising. Computers have played a large role in the shaping of twentieth-century America. (If I keep talking like this they'll put me on the Discovery Channel.) Computers are everywhere. In the corner of every billboard is a world wide web address. You can not go through a box of frozen waffles without being berrated at to "Visit www.cyberwaffles.com for the digiwaffles experience pushing binary envelope!" (I do not know if it exists. If it does, please run to your local establishment of religion and _pray_!). Schools, the establishment where those of the noted age spend hours of each day, are now inseperably intertwined into the ubiquitous (Yeah, that's right kid, reach for your dictionary.) computer-culture of networks, servers and databases.
Another facet of life that teenagers often experience is rebellion. Everyone wants to be James Dean. Marilyn Manson, Korn and Ozzy Ozzbourne* are all examples of rebellious outlets. Others include shoplifting, cigarettes, and flavor crystals in Cinn*a*burst gum. I know people who will commit pointless, but incriminating feats of idiocy in school and then revel in pride when they are called to the assistant principle's office. It's a stage for most people. Most people experience it some time. Beyond this, you can read the volumes of psychiatry on adolescent rebellion ( Cheesy psychiatrist voice: Do you do this to your parent's because it makes you feel like you're getting back at them, Bobby?).
This combination breeds a special type of teenager. It is easy to tell who is and isn't. Let's see here... People of this type often...
o Claim to be "Hackers, Hax0rz, etc."
o Use Microsoft Windows (And every now and then a Mac user.)
o Pirate Software ("Warez")
o Have simple knowledge of the way that MS-DOS and Windows systems work. (i.e. Modify Autoexec.bat, win.ini, etc.)
o Have intrest in "anarchy"-type information. (Jolly Roger-Anarchist cookbook, etc.)
o Use AOL or SLIP/PPP type network connection.
o May use viruses
o Use simple "hacking" programs
Let me explain these points. First, everyone has some definition of what a hacker is. (A definition which is mostly wrong.) There is all kinds of media surrounding these misconceptions. I will list a few:
o Movies : _Hackers_ (The worst of them), _The Net_, _Masterminds_, the movie in the works by Miramax about Kevin Mitnick, many, many made-for-tv-movies.
o Books: _Secrets of A Superhacker_, _The Happy Hacker's Handbook_ (please whatever you do, don't read this), _Cyberpunk_ (Kevin Mitnick has been in jail a long time unneccassarily and John Markoff helped put him there.), _The Cyberpunk Handbook_ (to the point of hilarity), and many, many "cyber-novels" (a phrase of Upright Citizen's Brigade Fame).
So everyone is pretty sure a hacker is someone who breaks into computers, right? Wrong. See the _Jargon File_ or _The New Hacker's Dictionary_. Anyway, these troubled youths choose to identify themselves as "hackers", because in their definition, "hacking" is what they do.
On to the flawed existence of Microsoft Windows. Windows is the most common operating system on the face of the earth if I am not mistaken. Real hackers, whenever remotely possible, do not concern themselves with Windows. Go get Linux. The fact that the these who claim to be "elite" are using a operating system that is the equivalent of a sanitarium with padded walls and crayons for writing letters can be used to prove that these "hackers" are really technically inept.
Software piracy, a.k.a. "warez" is a common activity of these faux "hackers" because it gives them a sense of doing something that is wrong and more importantly, illegal. This is easily attributable to their rebellious nature, which was discussed earlier. Here I will note the importance of flashy graphics. I have seen many, many "hax0r" webpages that are done entirely in Adobe Photoshop with nothing but selection and Alien Skin Software EyeCandy plugins. Most of these pages (probably yours if you used lots of EyeCandy) have *no* element of graphic design whatsoever. It is easy to impress these so-called "hackers" with this kind of design. They thrive on social support for self-confidence and attempt to impress each other with these pointless images. This is why Adobe Photoshop is a common item on "warez" pages.
Everyone has used computers. Some people know more than others. In this case with the kids I am discussing, they may or may not know more, but by only a thin margin. It is even possible that they may know BASIC programming. Their peers see that they have (slightly) surperior knowledge and may express admiration. This is what builds up the whole "elite" attitude. No one likes an egomaniac.
Anarchy files is a simple extension of the need for rebellion. No one really needs to know how to make napalm. No one reading this, at least. Intrest such as these are purely childish and even less justifiable than software piracy. If the government ever makes an organized attempt at complete totalitarianism, the only thing you will be able to do is insert your head between your legs and kiss your sorry ass goodbye.
The single most popular isp among these wannabes is probably aol. AOL is a terrible company (although they did score points with the Netscape open-source issue) and is the least desirable access provider anywhere. I would rather live in North Korea and eat dog than show up on someone's server log as coming from an aol ip address. Aol isn't always the way modus operandi, though. But reagrdless, they will, with few exceptions, always use a SLIP/PPP networking connections. Why is this relevant? Because it shows their technical hopelessness. I garauntee you that you can sit any of these "hakz0rs" down at a bash shell and the first thing they will try to do is type "win" or maybe "dir *.exe" and finally "help". They need their precious gui interfaces because without them they will drown in their sea of bad MS-DOS syntax. This is statement can be supported by their love for cheesy graphics. Do you think most "31337 d00dz" optimize their sites for Lynx? I didn't think so.
Computer viruses. Personally, I think that anyone that has taken the time to learn assembly should write themself a microkernel so they can network their toaster ovens or electric toothbrushes or do something at least semi-productive. But alas, it appears some insist upon pointlessly annoying innocent computer users. Not that these people that are capable of producing such programs are common in "hak3r" culture. Virus distribution is just another way to feel rebellious and badass while in reality it's the equivalent of setting random people's homes on fire. Pretty cool, huh?
AOHell, WinNuke, port scanners, Back Orifice, the list goes on. It appears that every now and then one of these kids actually figures out the winsock control in Visual Basic and in a malevolent orgy of simplemindedness produces another one of these idiot machines. (My sincere apologies to the l0pht; I don't care how many CERT advisories you've caused, you still can't spell.) I program. In C. No, not Visual C++, that doesn't count. Try the GNU compiler for a real programming experience. Lost without your anarchy symbol pointer and some buttons to push, huh? All of these programs are simple to design. WinNuke is something like five winsock.dll calls, I believe. Back Orifice isn't the genius it's made out to be. Wow guys, I'm in this guys hard drive! Remote access utilities are very common. Back Orifice is not the first or the best,, by any measure. The only difference is that Back Orifice makes a few registry calls, uses datagrams and runs transparently. The people who use such programs think that their designers are really "l33t", when in truth they are just simple socket programming exercises. No magic. The vast majority of the so-called "hacking" population does not know how to program anything at all and uses these programs without caring how they work. Where's the hacker spirit at?
If you meet any two of those conditions, with exception to numbers two, four and six, I would immediatly seek out psychiatric help for your immaturity.
I have now defined, and hopefully clearly so, what I think of most people my age who call themselves hackers really are like. I meet these types of people in alarming frequency. A few weeks ago another student told me, and then when I told him he was wrong *insisted* that the reason he could access the MS-DOS shell was because of an error in the *server* software. I'm sure. Now I know why the network at my school is protected very well. It doesn't need to be with people like him. Virus protection maybe, but I wouldn't worry about the bindery too much. These people constantly are asking me "How do I hack the school's network?" or "Do you use Back Orifice" (always mispronouncing "orifice") and lately, it seems the question has been "Have you been to AntiOnline?".
[I have not reread this before posting (yeah, I know, poor form) but I am quite confident that it is still an accurate representation of the facts and what I believe.
Kspett
Kevin "Cash Money" Spett
Ignore your rights and they go away.
But it won't be since it disagrees with the prevailing attitude to this interview.
/. has been very critical of him in the past.
I have to respond to this as well... The whole responce to this interview has caused me to become very disappointed in the slashdot readers. We are supposed to advocate open source, but apparently not free speech now?
I've followed the whole AntiOnline/Happy Hacker/Packetstorm/Attrition thing for quite awhile now, and I disagree with JP on pretty much everything. But, that doesn't mean that people don't have a right to their side or the story.
Applause is due to Rob and company for taking on such a controversial interview. Heck, I'm impressed that JP was willing to do it. He has to know that it is gonna be rather hostile, as
Hell, here's your chance to either 1) ask some technical computer security questions to see if he gets stuck, or 2) Try and get him to justify his actions that you disgree with. Take advantage of it.
Anyway, here's my questions:
1) Why do you belive you are qualified to be a computer security "expert"? What justification is there for you being concidered a credible source?
2) In dealing with the Packetstorm incident, why did you not attempt to contact Ken Williams first? Instead of going directly to his upstream, better Internet ettiquite would have been to attempt to resolve your problems with the site maintainer. If someone had a problem with your site, wouldn't you prefer that they went to you, instead of going over your head and talking directly to StarGate?
-Wintermute
(This is probably a rehash of other peoples questions, but here goes)
For Mr. Vranesevich: There is a strong sentiment against you in the online community. What do you feel are the key reasons for this and how do you respond to them? Do you intend to do anything to try to alter this perception?
For the Slashdot maintainers: There has been a lot of flack thrown out here, but I would ignore it. I do think it would be cool to see some of the people recommeded for interviews in the various postings here, along with possibly some writers such as Steven Levy, or William Gibson (or have they been done already?)
For the people who now hate Slashdot because of this interview: What a stupid reason to leave. I for one won't miss you.
You should seek the advice of a lawyer. You certainly have a couple parties that you could prosecute, if your story is accurate. It would take time/energy/money which you may not be interested in spending, but I think you have reasonable cause.
First of all, if JP posted libel on his site, and didn't make an effort to verify it OR (more importantly) post a retraction/apology when it turned out to be false, then you have a case against him. And secondly, the employer who fired you is certainly on shaky legal ground. Admittedly, I don't live in the States and your laws might treat that differently, but I don't think they are allowed to fire you based on false statements about your activities... particularly if you have never been arrested/charged by the FBI and if that was their motive for firing you. Of course, it's possible they may not have explicitly used that as the reason, they could pretend it was something else, but it IS worth looking into. That sort of thing is not only personally damaging, it can make it difficult to find employment in the future.
Of course, without proper legal advice, or all the details, it is hard to judge what sort of evidence you'd have, or if you could prove your story satisfactorily to a judge. Heh, ironic... JP is always threatening to take people to court for slander, maybe it's about time he got a taste of that.
---
I hope you're not pretending to be evil while secretly being good. That would be dishonest.
Thank you for agreeing with me. See my response to Signal 11's post for my definition of "community".
Hates people who have stupid little sigs
If you mean JP, his nickname was JP. I knew him from #cha0s on undernet and have had run-ins in #hackphreak and the like. That was like 3-4 years ago. He was certainly incompetent then (far worse than the company he kept), though he tried his hands at being a script kiddy. Since that time, I've seen JP do and say things which make his incompetence glaringly obvious. He hasn't really changed at all as best as I can tell; Same personality, different symptoms.
I believe he stopped using IRC recently as he acquired too many enemies, particularly packet pixies/script kiddies. Though he evidently goes on anonymously or has someone else go for him, so he can get his script kiddy leads.
Seeing how his public image surged, Rloxley made him the one and only senior op. When I openly (quite openly) voiced my opinion on JP's knowledge, skills, situation handling, and occasionally sexual orientation, I was removed as an op.
Rloxley thankfully saw the error in having this asshole run the channel, and JP was removed. at this point, JP took over the channel, banned *!*@*, and pretty much threw a tantrum. In the meantime, Antionline was growing from a small useless waste of bandwidth into a big one.
The answer to your question is this: A long time ago, JP was a reasonable person. That's when he got ops. Then he turned into a media whore. Whenever JP removed me, RLoxley repeatedly re-added me. Now, myself, alienbaby, doxical, and L1thium are senior ops. JP never comes into #HackPhreak anymore. Whee!
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
I was responding to specific gripes of mochaone, and some which you can't see in this thread from previous arguments with him. Context!
/., who are fed up with this. This can indeed be indicitive of the population. It remains open to investigation. If they wish to ignore my arguments, time will prove me right. But then again, as an AC pointed out in this thread, maybe they're looking for an IPO (et. al) exit...
I do not get upset over this stuff. I was making a point, that I see a general trend, a focus of trying to create flamewars to increase banner revenue. This trend results in an increasingly singular viewpoint, that of geek fanaticism.
It is my belief that the slashdot editors KNOW what they're doing; thus I don't need to prove it to them. Instead, I made a financial argument that it could hurt them in the long term. The mere fact that they generate increased hits in the short term does NOT mean it is healthy in the long term. For example (though extreme), if I were to put the KKK up on slashdot, to spread their propaganda. I have no doubt it would generate a thousand comments. If I kept doing this on a regular basis, the readership would get fed up--they would leave en masse.
I am not putting a gun to the editors' heads, my points remain open for consideration. The mere fact that I lack exact statistics does not make my efforts worthless. Also, I have OBSERVED a number of people, those whom I believe to be the more worthwhile posters on
It is ironic that you purport that Katz's articles are apropos for slashdot, yet the KKK or Bill Gates is not. What facts do you have the back this up? What proof do you have that Gates' claims of MS superiority are indeed FUD? How does this differ from my claims that Katz's articles are essentially anti-establishment FUD (though my comment presumes that the editors already KNOW)--with an immature sycophantic geek-cheerleading-squad?
If you assume that user replies/moderation are an accurate indicator of the intrinsic worth of a comment, then I am significantly better off than yourself. My comment/Karma history demonstrates this well. Or would you have me believe that, perhaps, there are other criterion? You can't have your cake and eat it too.
It would be one thing if I really believed that both Katz and the editors are sincere in what they write, but I don't think this to be the case. I believe Katz is effectively telling the slashdot-cheerleeding squad whatever they want to hear(I've seen Katz speak out of both sides of his mouth); I object to that on principle. But beyond that, as I've already stated, I think it detracts from slashdot in general, even if I ignore Katz.
I did view your Karma/comment history briefly. You were giving me "pointers" on how to write, implying that mine don't deserve the time of day. My first comment on this thread has recieved a score of 4. And you seem to imply that whatever the readership comments or moderates is good. I see a certain paradox in saying that Katz's articles are worthwhile because they draw moderation and comments, yet saying that mine, which draws moderation and comments, is not. Or yours....or whatever...
...anyhow, I've got work to get done today. Bye
Conversely, it seems odd to me to respond to such a long, drawn-out thread without having read entire said thread. During any long, drawn-out argument, one side or the other is likely to slip up with regards to examples, wording, or some other semantic error. No one is perfect. I'd personally recommend reading the entire thread next time, as it would most likely shed a little light and give you a much better perspective on the argument as whole. This particular situation would have been no different had you taken the time to do so.
~ Kish
The moderation system on slashdot is largely broken. The fact that you feel compelled to protect yourself from it speaks volumes. Though you seem to see flaws in slashdot content management (comments/articles/moderation), you still want to extend Katz the benefit of the doubt because he's got fans. Yet you're willing to write mine off with a shrug. Though they're slightly different, it is effectively the same issue. Majority whim v "right". The standard should not be whatever is popular at the moment. That is to say, just because the "more people" appear to be happier with it doesn't make it "right".
Futhermore, what majority desires is not neccessarily better for them. The majority may desire to do geek-cheerleeding, but it hurts everyone as those who're most reasonable are put off by it--causing inbalance. They may be only 5% of slashdot, but in BALANCING slashdot, they carry a great deal more weight.
There is no way to "prove" any of this, at least without extensive effort. That does not mean they're worthless. The majority of slashdot comments, yours included, don't live up to this standard of "proof". You can, however, draw thought and futher review.
My original comment was largely targeted at THE EDITORS. Since it is my belief that the editors know what they're doing, I provided the editors with a RATIONAL argument as to why they MIGHT not want to exclusively pursue the whims of the apparent majority (if Katz-comment-traffic-people are indeed a majority).
Somehow, I don't think W. Richard Stevens would make for a very good interview.
Please don't moderate this as "funny" because it isn't. I'm just saying that your list hasn't really gotten the fine-tooth comb treatment.
--
grappler
Vidi, Vici, Veni