The "Freeola Customer Forum" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.
Hackers are those nice people that invade your website without your permission then mail you to let you know what's wrong with it.
Crackers are those not so nice people that invade your website without your permission then change it for you, THEN let you know what's wrong with it.
The media just group them all under the name 'hackers'. For the purposes of this discussion so will I, it just makes it easier.
This topic is about the bad ones, the ones that crack open Visa Card numbers and use them, the ones that set up fake online shops and rip you off, the ones that do malicious damage to websites; the ones that are there, basically, purely for their own gain and amusement.
Hacking is akin to burglary; if your site has poor defences and the hacker gets in, that's what it feels like, like you've been burgled. I can understand the 'anti-social' mindset that makes hackers take that route in life, we've all been rebellious at one time or another, but todays hackers are more sophisicated than ever before, they started learning at just the right time.
In the same way that many people of a certain generation can never get to grips with computers because they arrived at the wrong stage in their lives, the truly 'skilled' hacker who started learning computing and coding at just the right time has a formidable arsenal of software and hardware weapons at their disposal.
The majority are teens to twenties, (tweenies?), and they have whole usergroups on the web to share files over, to discuss what sites to hack next, they have their own newsgroups, websites, even competitions for the best hack of the week. It's an underground IT subculture, and it's growing.
The damage that just one hacker could cause within a few hours is quite incredible. Literally trillions of dollars are wired electronically over the internet each day, most of it from only a few servers which are kept very secure in bomb proof secret locations, but if just one of them were to be hacked, businesses, and even whole economies, could collapse overnight.
It's a frightening thought, but literally anyone with a bit of spare time and an internet connection could learn to do it, all the information is there on the web for the taking. The worrying thing is, the hacker that does decide to go and hack the London Stock Exchange is probably a 14 year old kid in Clapham who's just had his pocket money cut by his dad, who hasn't a clue of the amount of damage he could cause by hitting that 'Enter' key at the wrong moment.
I'm not scared, I keep all my money in my wallet, not a bank.
:-)
Crackers are those not so nice people that invade your website without your permission then change it for you, THEN let you know what's wrong with it.
The media just group them all under the name 'hackers'. For the purposes of this discussion so will I, it just makes it easier.
This topic is about the bad ones, the ones that crack open Visa Card numbers and use them, the ones that set up fake online shops and rip you off, the ones that do malicious damage to websites; the ones that are there, basically, purely for their own gain and amusement.
Hacking is akin to burglary; if your site has poor defences and the hacker gets in, that's what it feels like, like you've been burgled. I can understand the 'anti-social' mindset that makes hackers take that route in life, we've all been rebellious at one time or another, but todays hackers are more sophisicated than ever before, they started learning at just the right time.
In the same way that many people of a certain generation can never get to grips with computers because they arrived at the wrong stage in their lives, the truly 'skilled' hacker who started learning computing and coding at just the right time has a formidable arsenal of software and hardware weapons at their disposal.
The majority are teens to twenties, (tweenies?), and they have whole usergroups on the web to share files over, to discuss what sites to hack next, they have their own newsgroups, websites, even competitions for the best hack of the week. It's an underground IT subculture, and it's growing.
The damage that just one hacker could cause within a few hours is quite incredible. Literally trillions of dollars are wired electronically over the internet each day, most of it from only a few servers which are kept very secure in bomb proof secret locations, but if just one of them were to be hacked, businesses, and even whole economies, could collapse overnight.
It's a frightening thought, but literally anyone with a bit of spare time and an internet connection could learn to do it, all the information is there on the web for the taking. The worrying thing is, the hacker that does decide to go and hack the London Stock Exchange is probably a 14 year old kid in Clapham who's just had his pocket money cut by his dad, who hasn't a clue of the amount of damage he could cause by hitting that 'Enter' key at the wrong moment.
I'm not scared, I keep all my money in my wallet, not a bank.
:-)
I have three wallets. One for the notes, one for the coins, one for the puppies and the cat to play with.
FantasyMeister wrote:
> I'm not scared, I keep all my money in
> my wallet, not a bank.
So, do you have very little money, or a very large wallet?
> I'm not scared, I keep all my money in
> my wallet, not a bank.
So, do you have very little money, or a very large wallet?
Wouldn't happen to have watched that nice propagan...er, program on BBC2 the other day would you?
While it's true that anyone with an internet connection and plenty of spare time (i.e. enough to master linux, scripting, and read/memorise various RFCs relating to TCP/IP and data transfer) can cause some serious damage, it's not as simple as a typical film or other "informative" program would have you believe. There is no Hollywood OS, with big red buttons you can push to simply transfer billions in to your account, you're faced with an xterm, nmap, and whatever you can make yourself.
The truth is, if you get far enough in to a banking system, you know what you're doing, and generally have a reason for it - the security around a network like that would be much more than a casual cracker would bother with. I suspect that many such operations involving large sums of money are done via connections open only for the time nescessary, to prevent anyone else accessing them while the transfers are idle.
Of course there are other threats than simply hacking in to a system and stealing money and documents - Denial of Service attacks (often carried out on MicroSoft.com), port dumps and the like.
There are various applications that claim to make hacking easy, and some (albeit very few) of these are effective, but usually for nothing more than crashing a remote box or disconnecting someone from the internet. Get one of these is risky anyway, as they tend to be riddled with trojans, but that's not what hacking is about.
Most hackers do what they do to prove themselves to a community - the "outsiders", or underground - so they get recognition and status within it. You don't get this by saying "ph33r me, I can ping -f", you get it by writing your own programs, spoofs and trojans to effectively take down or access a remote host.
Those simply following up a personal grude will usually do little more than place a trojan on their victim's computer and play around a bit. Other claim to be on a mission - anti-capitolists, stopping big companies from dominating the market (usually people invovled in the gnutella programming, or some other P2P system). This is where the line between hackers and crackers becomes very thin indeed - if you consider yourself to be helping people by stopping big companies, then you do what's nescessary to keep the companies out of the market, including taking down their computers, deleting their data, or stealing it for yourself.
Companies do need to find a way to stop the ever increasing threat of attacks via the internet, but there aren't many available options. The only linux variant (that I'm aware of) that guarntees security is OpenBSD - I think their last claim was 4 years without a single security hole. Every possible open port is blocked, aside from those you specify - you could open a very highly numbered UDP port for the duration of the transfer of your money, then close it again immediately.
No company concerned about stability and security should even consider windows (despite the lack of available cracks - B02K from Cult of the Dead Cow and various port dump techniques), but there are other alternatives...Keep one gateway system handling all external connections, web server, ssh, telnet, and then another one internally. Obviously, this would require internet access, and they could get this via a completely different system (so it seems unrelated to the facia of the website and other obvious ports people can see). Alternatively, connect the internal and gateway networks together, but develop a new system of sorts to hide the internal network from outsiders.
Thinking about it, it really is remarkably easy to access any files stored on a network with a connection to the internet (based on linux) - an nmap can fingerprint the distribution, then newsgroups are full of exploits and vulnerabilities for each of these...once you've obtained root on the system, you can go about doing whatever you want (on that box), just be sure to delete the access logs. Other machines on the network are another matter, but as I said, they all have vulnerabilities and are usually linked via ssh.
Complete protection will always be very difficult to achieve, crackers can develop new techniques faster than the authorities can deal with them, but the threat itself is exaggerated. Anything that could have a serious effect on the economy should not have a direct link to the internet anyway, and most of these places are well beyond the reach of the majority of crackers. However, if you get a group that's determined and skilled enough, they could pose a serious threat.
I have a lot of respect for many hackers, those who don't act malicously, but are sufficiently skilled to do so if they wanted to (unless they overuse l33t. I don't mind the occasional 0, but sp34k1ng |1k3 d1s d0nt sh0w sk1|z.) These are the people who have been involved with computers for years, and their support did a lot to bring them to the mainstream. These people are now being forced outside the internet community, primarily by the media, instead of being accepted and thanked.
Eeep...I don't expect anyone to read all that, especially at 2:50am..
While it's true that anyone with an internet connection and plenty of spare time (i.e. enough to master linux, scripting, and read/memorise various RFCs relating to TCP/IP and data transfer) can cause some serious damage, it's not as simple as a typical film or other "informative" program would have you believe. There is no Hollywood OS, with big red buttons you can push to simply transfer billions in to your account, you're faced with an xterm, nmap, and whatever you can make yourself.
The truth is, if you get far enough in to a banking system, you know what you're doing, and generally have a reason for it - the security around a network like that would be much more than a casual cracker would bother with. I suspect that many such operations involving large sums of money are done via connections open only for the time nescessary, to prevent anyone else accessing them while the transfers are idle.
Of course there are other threats than simply hacking in to a system and stealing money and documents - Denial of Service attacks (often carried out on MicroSoft.com), port dumps and the like.
There are various applications that claim to make hacking easy, and some (albeit very few) of these are effective, but usually for nothing more than crashing a remote box or disconnecting someone from the internet. Get one of these is risky anyway, as they tend to be riddled with trojans, but that's not what hacking is about.
Most hackers do what they do to prove themselves to a community - the "outsiders", or underground - so they get recognition and status within it. You don't get this by saying "ph33r me, I can ping -f", you get it by writing your own programs, spoofs and trojans to effectively take down or access a remote host.
Those simply following up a personal grude will usually do little more than place a trojan on their victim's computer and play around a bit. Other claim to be on a mission - anti-capitolists, stopping big companies from dominating the market (usually people invovled in the gnutella programming, or some other P2P system). This is where the line between hackers and crackers becomes very thin indeed - if you consider yourself to be helping people by stopping big companies, then you do what's nescessary to keep the companies out of the market, including taking down their computers, deleting their data, or stealing it for yourself.
Companies do need to find a way to stop the ever increasing threat of attacks via the internet, but there aren't many available options. The only linux variant (that I'm aware of) that guarntees security is OpenBSD - I think their last claim was 4 years without a single security hole. Every possible open port is blocked, aside from those you specify - you could open a very highly numbered UDP port for the duration of the transfer of your money, then close it again immediately.
No company concerned about stability and security should even consider windows (despite the lack of available cracks - B02K from Cult of the Dead Cow and various port dump techniques), but there are other alternatives...Keep one gateway system handling all external connections, web server, ssh, telnet, and then another one internally. Obviously, this would require internet access, and they could get this via a completely different system (so it seems unrelated to the facia of the website and other obvious ports people can see). Alternatively, connect the internal and gateway networks together, but develop a new system of sorts to hide the internal network from outsiders.
Thinking about it, it really is remarkably easy to access any files stored on a network with a connection to the internet (based on linux) - an nmap can fingerprint the distribution, then newsgroups are full of exploits and vulnerabilities for each of these...once you've obtained root on the system, you can go about doing whatever you want (on that box), just be sure to delete the access logs. Other machines on the network are another matter, but as I said, they all have vulnerabilities and are usually linked via ssh.
Complete protection will always be very difficult to achieve, crackers can develop new techniques faster than the authorities can deal with them, but the threat itself is exaggerated. Anything that could have a serious effect on the economy should not have a direct link to the internet anyway, and most of these places are well beyond the reach of the majority of crackers. However, if you get a group that's determined and skilled enough, they could pose a serious threat.
I have a lot of respect for many hackers, those who don't act malicously, but are sufficiently skilled to do so if they wanted to (unless they overuse l33t. I don't mind the occasional 0, but sp34k1ng |1k3 d1s d0nt sh0w sk1|z.) These are the people who have been involved with computers for years, and their support did a lot to bring them to the mainstream. These people are now being forced outside the internet community, primarily by the media, instead of being accepted and thanked.
Eeep...I don't expect anyone to read all that, especially at 2:50am..
Perfect example, Bonus and SR, you aren't holding any grudges now, are you guys??
Hackers are those nice people that invade your website without your permission then mail you to let you know what's wrong with it.
Crackers are those not so nice people that invade your website without your permission then change it for you, THEN let you know what's wrong with it.
The media just group them all under the name 'hackers'. For the purposes of this discussion so will I, it just makes it easier.
This topic is about the bad ones, the ones that crack open Visa Card numbers and use them, the ones that set up fake online shops and rip you off, the ones that do malicious damage to websites; the ones that are there, basically, purely for their own gain and amusement.
Hacking is akin to burglary; if your site has poor defences and the hacker gets in, that's what it feels like, like you've been burgled. I can understand the 'anti-social' mindset that makes hackers take that route in life, we've all been rebellious at one time or another, but todays hackers are more sophisicated than ever before, they started learning at just the right time.
In the same way that many people of a certain generation can never get to grips with computers because they arrived at the wrong stage in their lives, the truly 'skilled' hacker who started learning computing and coding at just the right time has a formidable arsenal of software and hardware weapons at their disposal.
The majority are teens to twenties, (tweenies?), and they have whole usergroups on the web to share files over, to discuss what sites to hack next, they have their own newsgroups, websites, even competitions for the best hack of the week. It's an underground IT subculture, and it's growing.
The damage that just one hacker could cause within a few hours is quite incredible. Literally trillions of dollars are wired electronically over the internet each day, most of it from only a few servers which are kept very secure in bomb proof secret locations, but if just one of them were to be hacked, businesses, and even whole economies, could collapse overnight.
It's a frightening thought, but literally anyone with a bit of spare time and an internet connection could learn to do it, all the information is there on the web for the taking. The worrying thing is, the hacker that does decide to go and hack the London Stock Exchange is probably a 14 year old kid in Clapham who's just had his pocket money cut by his dad, who hasn't a clue of the amount of damage he could cause by hitting that 'Enter' key at the wrong moment.
I'm not scared, I keep all my money in my wallet, not a bank.
:-)
Crackers are those not so nice people that invade your website without your permission then change it for you, THEN let you know what's wrong with it.
The media just group them all under the name 'hackers'. For the purposes of this discussion so will I, it just makes it easier.
This topic is about the bad ones, the ones that crack open Visa Card numbers and use them, the ones that set up fake online shops and rip you off, the ones that do malicious damage to websites; the ones that are there, basically, purely for their own gain and amusement.
Hacking is akin to burglary; if your site has poor defences and the hacker gets in, that's what it feels like, like you've been burgled. I can understand the 'anti-social' mindset that makes hackers take that route in life, we've all been rebellious at one time or another, but todays hackers are more sophisicated than ever before, they started learning at just the right time.
In the same way that many people of a certain generation can never get to grips with computers because they arrived at the wrong stage in their lives, the truly 'skilled' hacker who started learning computing and coding at just the right time has a formidable arsenal of software and hardware weapons at their disposal.
The majority are teens to twenties, (tweenies?), and they have whole usergroups on the web to share files over, to discuss what sites to hack next, they have their own newsgroups, websites, even competitions for the best hack of the week. It's an underground IT subculture, and it's growing.
The damage that just one hacker could cause within a few hours is quite incredible. Literally trillions of dollars are wired electronically over the internet each day, most of it from only a few servers which are kept very secure in bomb proof secret locations, but if just one of them were to be hacked, businesses, and even whole economies, could collapse overnight.
It's a frightening thought, but literally anyone with a bit of spare time and an internet connection could learn to do it, all the information is there on the web for the taking. The worrying thing is, the hacker that does decide to go and hack the London Stock Exchange is probably a 14 year old kid in Clapham who's just had his pocket money cut by his dad, who hasn't a clue of the amount of damage he could cause by hitting that 'Enter' key at the wrong moment.
I'm not scared, I keep all my money in my wallet, not a bank.
:-)