|
Home > Archive > General Discussion > February 2002 > Hackers, Watch Out!!
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Hackers, Watch Out!!
|
|
|
| Hackers, Watch Out!!
Have a look at this and then afterwards at this one
and then give some opinions you might have. | |
|
|
|
| hacker = Cyber Terrorist = Terrorist = JAIL (the end)  | |
| Boulware5 2001-09-26, 6:43 pm |
| There's good and bad hacking. Yes the 'bad' hackers should get jail time - but life is a bit harsh. | |
| ccieToBe 2001-09-26, 7:29 pm |
| Oh man, that's scary. What about prison sentences for the admin who let his/her box get broken into?  | |
| Kartemy 2001-09-26, 10:46 pm |
| How do we qualify this? How do we decide between a 16 year old child who is seeing what he is capable of and a 30 year old terrorist? Do we put them all in jail just to make sure? The child needs to understand what he is doing is damaging, the terrorist needs to be destroyed.
I hope the American Justice system will be able to tell the difference. I probably don't understand your's anymore than I do mine but I like to think that compassion and rationality rules in both the American and the Canadian justice systems.
We want to take safety precautions but if we let those that did the damage on 911 win it means we will be cowering in our rooms and letting them win. Let us not give them that power.
We in Canada feel like we were struck at home. I am closer to NY than some Americans on the West Coast by miles and our cultures are so close, I felt it was my home being attacked; North America.
To all those who lost friends and loved ones please know that we, in the north country, care and will do what little we can to help and show our love.
Kartemy | |
| peterd 2001-09-27, 2:15 am |
| Hi Kartemy,
sorry to diagree with you, but from what I've seen of the US justice system, there doesn't seem to be any sort of 'compassion' in it.
This isn't a problem for me either way as I have no plans ever to go there, but if it should happen one day then I'd be very worried if I ever had to deal with the US justice system.
In fact, I'd be prepared to skip town immediately and never go back as I don't feel I could ever trust them for 'justice'.
Regards
Peter | |
| exar07 2001-09-27, 8:14 am |
| I can see both sides being harsh BUT our
Countries run on Computers! If some one is threating to steal or destroy information that is a threat against our country.
If some one creates a virus and that virus causes millions of damage that hurts our economy.
Think about this!!!
Our system now sucks! A new virus comes out, we (IT people) try our best to avoid damage and then recover from the damage. WE lose vaulable time and money- out of our pockets! NOTHING IS DONE! The next virus is out next week and we are repeating the same process. This is stupid, something needs to be done!
These hackers and virus makers need to be handled! It is a crime and it should be dealt with!
One more thing... The sentences are harsh, but oh well! | |
| chodan 2001-09-27, 7:26 pm |
| Look at it this way.
A Virus infects an air traffic controllers computer or a computer that keeps medical records or keeps medical equipment running, maybe a policeman`s mobile data terminal when he is pulling up behind an unkown car.
Or maybe it keeps someone like me from doing my normal job or letting me pursue some of the fun things that IT people do besides trying to chase virus`s.
I`m sure age is a consideration but if someone dies because of a virus I doubt the victims families will care.
I for one hope some good examples are made of these malicious hackers.
I work in a job that utilizes Federal Grant money, when a virus hits like it did last week and then reared its ugly head again today, that is thousand of dollars a day
of lost time and productivity.
Oh well I`m not feeling to kindly toward hackers now and am doubting that there are "good hackers".
Sounds like an oxymoron to me.
Chodan | |
| peterd 2001-09-28, 1:59 am |
| hi,
another way of looking at it is that without hackers wasting millions of hours of IT workers time there's be less IT jobs in the world...
so which one of you is willing to give up his/her job?
Regards
Peter | |
| chodan 2001-09-28, 9:09 am |
| My job is not based on fighting hackers at least it wasn`t.
I design networks and spec out IT systems.
I configure routers and switches and servers also support users and a whole bunch of other stuff.
If hackers stopped today I`d still have a job.A much easier job to.
I do admit that Hackers will create lucrative careers for sucurity focused IT proffesionals.
We are currently calling in a security consulting firm to evaluate our network.
Systems Design Group is there name.
I am also pulling all our hosted web sites "about 70" out of IIS 4.0 and into cobalt RAQ servers.
Chodan | |
| ccieToBe 2001-09-28, 10:57 am |
| quote:
Originally posted by chodan
...I am also pulling all our hosted web sites "about 70" out of IIS 4.0 and into cobalt RAQ servers.
Chodan
Sounds like a good move to me. | |
| Adam3 2001-09-29, 10:30 pm |
| I work in IT and I always think that it is possible that virus protection companies create viruses on there own to make money. They have many high paid programmers, what do you think? There are many out there how else do they stay in business? I am not trying to cause trouble, just curious of opinions. | |
| chodan 2001-09-30, 9:20 am |
| I could see how that might happen but most viri are eventually traced back to a source.
I don't think sircam, nimda or code red have been traced just yet though.
I think that ones like nimda will cause antivirus writers to have a greater ability to protect computers because of the number of vulnerabilities it exposed.
Now that they are exposed "the vulnerabilities" we can close them up and make it that much harder for the next hacker.
I don’t think antivirus companies would risk it though it would be to easy to slip up and someone like an ex employee would rat em out.
I also think they would not sink that low morally. I am somewhat naive though hehe.
That’s just my opinion. | |
| Musafar 2001-09-30, 4:48 pm |
| Hackers can be used to protect from other hackers | |
| chodan 2001-10-01, 10:16 am |
| I guess so.
But are hackers trustworthy enough to allow them on your network.
I would not "knowingly" give a hacker free reign on my network.
 | |
| mcp_mcse 2001-10-03, 3:02 pm |
| Do u think we can bifurcate hackers on the basis of those who intend harm and those who intend fun.
Infact, i myself was a hacker for sometime in my college days. It was fun sending messages to people for whom they came from no where, flipping their screen and prinint garbage to their printers. But, we used to keep it to a limit with no harm intended. Still, these kinda guys should get atleast 2 days in the station and a $200-$500 fine.
Well, about those who wanna crack security, they should be shot dead. Life imprisonment is a small punishment.
Jack | |
| prem_rajani 2001-10-04, 11:38 pm |
| greetings,
well all are correct in their veiws but everytime a hacker gets into a site or so the coders are put into it immediately.just imagine if hackers werent there at all then there would be no need for such good coders. and hackers make u to implement new things into code n get to learn new programming techniques. | |
| Musafar 2001-10-06, 2:14 am |
| Thats right | |
| limsam 2001-10-07, 11:34 pm |
| Will they jail the past hackers like Bill Gates?
LS | |
| stefanw 2001-10-08, 2:33 am |
| What the hell are you all on about? Hackers aren't the problem, its the crackers. The only reason people have a bad image of hackers is because of the press, and the fact they never had their story straight from day one!
Crackers are the people that will cause you grief and make you lose money through piracy and defacement etc.
Get your story straight and understand what you you are saying before saying it. | |
| Pratish 2001-10-14, 4:16 pm |
| I am against any hasty legislation that may not stand the test of time.
Ofcourse, after the atrocious terror attacks on NYC and DC the US goverment must look to legistative remedies to bring justice to bear on the terrorists.
So does hacking constitute a life sentence? My initial gut reaction is that it's overboard.
Hacking includes attributes of human intellectual nature to get around barriers and challenge ones self. I am not condoning, hacking to break, ransom, profit and terrorise people. Just for a lot of people it is human nature to challenge ones self.
However, there is this senario. Hacking allowing terrorist to get sensitive material on advance minature nukes. Hmmmm, got a case here. However, any goverment that allows this type of material to be hacked should be thrown out.
We need good legislation to stop these terrorists and good legislation takes time.
Pratish  | |
| Pratish 2001-10-14, 4:20 pm |
| The term hacking is misunderstood by the press and many people.
Your right get the crackers. Defintely more tasty.. yum, yum... | |
| Pratish 2001-10-14, 4:33 pm |
| Below is the oxford compendium description of the words hacker and cracker. Hmmm, anyone got the Websters dictionary description. Ta.
hacker // n.
1 a person or thing that hacks or cuts roughly.
2 a person who uses computers for a hobby, esp. to gain unauthorized access to data
cracker // n.
1 a paper cylinder both ends of which are pulled at Christmas etc. making a sharp noise and releasing a small toy etc.
2 a firework exploding with a sharp noise.
3 (usu. in pl.) an instrument for cracking (nutcrackers).
4 a a thin dry biscuit often eaten with cheese. b a light crisp made of rice or tapioca flour.
5 Brit. slang a an attractive person, esp. a woman. b a fine example of something (a cracker of a match).
6 US offens. = poor white. | |
| Pratish 2001-10-14, 4:53 pm |
| What's the difference between a hacker and a cracker?
Okay, got this from the web site,
http://www-vacia.media.is.tohoku.ac...rticles/hacker/
Lets get this question out of the way right now:
On USENET, calling someone a "cracker" is an unambiguous statement that some person persistently gets his/her kicks from breaking from into other peoples computer systems, for a variety of reasons. S/He may pose some weak justification for doing this, usually along the lines of "because it's possible", but most probably does it for the "buzz" of doing something which is illicit/illegal, and to gain status amongst a peer group.
Particularly antisocial crackers have a vandalistic streak, and delete filestores, crash machines, and trash running processes in pursuit of their "kicks".
The term is also widely used to describe a person who breaks copy protection software in microcomputer applications software in order to keep or distribute free copies.
On USENET, calling someone a "hacker" is usually a statement that said person holds a great deal of knowledge and expertise in the field of computing, and is someone who is capable of exercising this expertise with great finesse. For a more detailed definition, readers are referred to the Jargon File [Raymond].
In the "real world", various media people have taken the word "hacker" and coerced it into meaning the same as "cracker" - this usage occasionally appears on USENET, with disastrous and confusing results.
Posters to the security newsgroups should note that they currently risk a great deal of flamage if they use the word "hacker" in place of "cracker" in their articles.
NB: nowhere in the above do I say that crackers cannot be true hackers. It's just that I don't say that they are... | |
| laloca 2001-10-14, 4:58 pm |
| I agree with most of you ...
Today almost everybody has a computer and most people think, if a computer is still working everything is ok. It became so easy to work on computers, everything is "look and feel" - also my grandma can use it. security? why? my entrance door is locked!
I still get sircam mail!! about 6 weeks after we heard about this viurs is the news. medical diagnoses, authority correspondence and also the passwords for some savings accounts!! data security? privacy? pah!
All companies or sites who are dealing with sensible information should need a special licence or authorisation to connect to the internet. there should be better laws to protect sensible data. | |
| depamo 2001-10-29, 2:26 pm |
| Whether you are a hacker or a cracker, it doesn't matter, you are attempting to bypass security measures that are in place solely to keep you from entering my system that you have no idea about and destroying potentially millions of dollars worth of data, reducing a companies public image, sometimes damaging customers records and even worse, releasing them to the public.
If hackers or crackers had any idea of what they were doing and held responsible for it, maby that would deter it somewhat. Personally, I don't like having to pay for all the increases in corporate spending that translates back to everyone, in higher priced products just because someone can't get out of his house to do something other then getting bored, trapsing into a complex network and accidentally wiping out large amounts of other peopls hard work.
I personally love the excuses, I was bored, I didn't know what I was doing, it was an accident, I didn't think that it would crash the whole system and so on.
Some hackers or crackers or whatever they are called these days would have you believe that they are doing a service by finding the faults in the systems so 'others' don't exploit it. Personally, I have never met a hacker that once finding an exploit, they didn't tell all their friends immediatly, usually resulting in a mass attack on that vulnerability. If the intention were true, I would believe but I have never seen it hold true yet.
Every hacker that I have know would say to the world that they were doing it for the challenge to say they could do it. When behind the scenes, it is a competition that requires you to prove your hack which results lots of problems. Back doors left open, TSR programs that eat up resources, corrupt and missing files, damaged logs, disrupted script schedules, and many more.
I believe that if you stand up and knowlingly attack a systems security, you should be held liable for your actions. How would you feel if you lost your job because a hacker disrupted your operations enough for customers to go somewhere else resulting in cut-backs that laid you off?? How much money do you think a bank looses a minuite if it cannot execute transactions?? How would you feel if all your personal information were opened to the internet for disclosure to everyone??
What is the first thing that hits your mind when your work network starts to slow?? Bet you never think that a hacker might be pushing a DoS on the corporate internet connections, most just assume that the network staff has its head up its XXX again.
These are the questions that you need to ask before saying that they are just fooling around. The truth is, until it hits you in the face, it is all fun and games and everybody is so happy to talk about how they were just having fun and all the complexity they had to figure out to succeed!!
Reality check, across the world there are more people hacking then any other time and the number is increasing. Tools from the real hackers on web sites allow 'script-kiddies' to attack without knowing the actual consequences of their actions. Who is responsible for that?? Hackers that built these utilities push the responsibility off once they create these monsters of destruction with a 'terms of use' clause that usually isn't read. People complain, your software just cost my company millions of dollars in lost revenues, who is going to pay for this?? Guess who, you do, the consumer. That is life, and this is what happens in the real world when a hacker opens fire on a network device.
Wake-up, as business depends on computers more and more every day, isn't it also a balanced statement to say that your job is also depending on those same computers? Do you want your future, your job to be decided by these people for you??
This is just a wake-up call. I work in Security Consulting and some of the pratices that I have seen, well to put it simply, some companies deserve a little tap on the shoulder. I don't believe that holding someone for life is the answer but what is in place right now will also not work.
There has to be some kind of a balance where people are held responsible for their actions. Example, if I hit your kid with my car on the way home from work after dropping coffey in my lap and it really was an accident, would you still prosecute me or would you just shurg it off and start working on another kid?? Would you like to see me goto jail for that?? It was an accident, I sure didn't mean to do it, or as soon as I got behind the wheel of that car, did I assume the responsiblity for my actions no matter what they were, even if there was a real life accident?? | |
| Rosetower 2001-10-29, 3:52 pm |
| The punishment depends on the intent of the hacker - if it can be proven that the hacker intended his actions to promote terror, then the punishment is just.
IF you can't do the time, then don't do the crime! | |
| TaskPadMan 2001-10-29, 10:56 pm |
| It's all fun and games until they can define who is a "hacker". I think even some network security testing programs will get you classed as a hacker. That is like saying I own a gun so I was going to rob a store.
Talk about crime prevention, hah  | |
| stefanw 2001-10-30, 2:34 am |
| lots of good comments here, with a lot of common sense being spelt out. Not all hackers/crackers are bad. Some really do do services for the company involved.
I know a hacker that will scan companies for vulnerabilities, maybe use one of the vulnerabilities for access to the company, but not doing any damage.
He will keep this opening to himself, but will also email/contact the involved company, providing his full conatct info, and details of the hole, allowing the company chance to patch it up.
This is good. Everyone here is now in a win win situation. What we really need is more people like this, helping the electronic community.
This would also stop "script kiddies", as the shitty tools would not work as well, and they would actually need some knowledge to do some damage.
We need new laws, maybe even a gov sponsored company that is legal to hack companies, for the benefit of the hacked compaines (patching holes etc..)
I have found, from my own experiences, if you keep it all low key, companies generally appreciate this kind of security help.
I mean, how many companies can afford a security advisor/expert ?
More views can be found on this at USAinUK | |
| depamo 2001-10-30, 7:51 am |
| I still think people are missing the point of this. Wheather or not you are a hacker or a cracker, you cannot always determine the effect of penetrating a network with vulnerability. Even Hackers with the best intentions have probably taken down servers by accident and in the midst of their fault, they won't tell anyone. I don't think that a hacker that believes himself to be 'one of the best' that damages internal systems would have the balls to call the company up and apologize or even mention the bug to the company. He would back out, cover his tracks and stay away long enough to keep from being discovered.
Of course if they find a small vulnerability in a system they can report it but still, they don't know the network until they get in there and start playing around. The damage alone from this discovery can cause irreperable damage to systems and data.
If you are in there, you have already crossed the line. Those of you that watch too many movies, I don't think that I see many people that have a hacking utility open and 'whoops' just accidently hit the mouse button and damn, killed all those kernel processes on a production server. So when they come back and say that their intent wasn't malicious, I find it hard to believe. You choose to attack that system. You planned how to do it. You selected particular software to fit the case to either access information or damage systems. Now how do you get a non-malicious intent out of that?? It sure as hell isn't a crime of passion or curiosity.
As for script kiddies, the source of all the tools that they use came from these hackers. I haven't met a script kiddie yet that even understood the tools at the basic level. They just know how to use them successfully through trial and error.
If hackers really want to help out, I would really appreciate that they keep their cracks to themselves and stop publishing every possible way to bring a system down for the general public to use at their discretion. If they were really about non-disclosure helping to fix company vulnerabilities, there wouldn't be so many thousands of attack software packages out there today. There would be more sites about how to fix problems made by hackers then there are sites on how to expose them. I guess that currently it is just more fun to attack a system, since the punishiment is minimal and the risk is low that when you get caught that anything will happen anyhow. | |
| William Nova 2001-10-30, 11:31 pm |
| The point here isn't the difference between "Hackers" and "Crackers" or cost studies on ROI or other corporate nonsense resulting from hack attacks.
The real "wake up call" were the following statements:
"But the list also includes the provisions of the Computer Fraud and Abuse Act"
and:
"To date no terrorists are known to have violated the Computer Fraud and Abuse Act."
And before you say it, it's not a measure of prevention, either.
This is a purely Political and Propaganda matter. Capital Ps.
This is an attempt to restrict and control Internet usage, and in general, the Internet culture. It's a scare tactic. Will they prosecute a 17 year old out to impress a girl in his homeroom? No. But the fact that they *can* is what's called the "chilling effect" and that, in conjunction with other items from the USA bill, the Patriot bill, and god knows what else they come up with, will hopefully have the net effect of decapitating the Internet over time, turning it into another version of Radio or Television.
The FCC airwaves and TV frequencies used to be free too at one point. Just like the 'Net is now.
What AOL and MS don't accomplish the federal gov't will. Total control.
In time, there will be multiple networks, akin to the "Alternative DNS root" movement ongoing. But the "one Internet" will be gone for good. Watch and see.
Welcome to the 21st century.
Dryco. Worry not. Want not. | |
| depamo 2001-11-01, 11:50 am |
| I always love people that like to say, Government this and Government that, they are taking control of the internet!!
Actually, they aern't. They are just worried that as the demand for internet access continues to grow, it will become a new arena for people to attack the businesses of the US.
Big Business today is putting the pressure on the Government to do something about malicious, costly attacks today. They want to get ahead not to regulate but to protect. They have a big stake in the internet also. Tons of government functions run using the internet. Just as in most cases, as the Government tries to move in to protect, you get a few rotten apples that add legislation that screws everything up and either ruins the public image of the Government or destroys what they were trying to protect with too much regulation.
As for 'new internets' popping up. That is never the trend. To separate would be to segragate your community from others out there. The push in business is always to maximize your exposure and increase connectivity. As the internet goes under its next big growth spurt (IPv6) it will be a massive interconnected giant digital infrastructure connecting the largest of the largest companies down to your PED's that will start to fit on your wrist in the next year or so.
Big Business only use separated networks for B2B (ISP's like WorldComm) but Internet connections are still the cheapest and easiest way to connect your offices together when geographically challenged. | |
| neuralfx 2001-11-13, 8:34 am |
| Ok, so is this retroactive? if so then does that not mean we need to imprison Gates, Jobs, Wozniak, and many other great minds .. ya evil bad "hackers" .. has anyone else noticed that all these "laws" dealing with technology as of late are ridiculous? ..
-neural | |
| stefanw 2001-11-14, 6:01 am |
| lol, anyone read about the new law in Europe regarding cookies ??
find out about it and have a laugh, basically, by the end of 2002, websites will no longer be able to use cookies, no one will. | |
| jazzbuddha 2001-12-30, 5:34 pm |
| "Hacking" is like "Pornography" it is all in the eye of the beholder. Nobody is responsible for writing garbage code (IIS, Outlook) that is defeated and exploited by 14 year olds but let's hand out death sentences Yay! | |
| wbafrank 2001-12-30, 7:06 pm |
| Having read with interest both articles and the subsequent posts, I was quite surprised to find out that no one had mentioned the fact that there are companies out there who get hired to hack into systems to see if it can be done.
Does this mean they will come under the act and be classed as "terrorists" or will they still be classed as "security firms"?
I'm not too sure what the object of the bill will do and as someone mentioned below if I have a computer attached to the net am I a potential terrorist?
We have the means to stop hackers, but we will never get rid of the terrorist - someone will always disagree about something!!
I have tried, and hopefully, not offended anyone with my comments. | |
|
| Hackers or Crackers or whatever. If you enter someones system unauthorized it is wrong regardless of your intent. There are paid ethical hackers, but that is a job. Because someone is trying to be a "good" hacker and report vulnerabilities, doesn't make what they do just. Would you want some stranger trying all of the locks and windows in your house to see if it is secure? He can give you a report on how easily he entered your house and walked around. I think I would feel a little violated. They are doing and seeing things they shouldn't...period.
I work for a medical imaging company and one of our machines that reads X-rays is based on IIS. Guess what? Some of them got the Nimda virus. It's not too nice when someone comes to the hospital with a smashed chest and the Radiologist can't get and image. This wasn't the best scenario for some trauma patients who went to the hospital that night.
two cents | |
|
| hackers are good guys... crackers, on the other hand... |
|
|
|
|