Losing Your Hackinity
Tao of Data Security - Part 3 - Losing Your Hackinity. Previous and upcoming posts in this series:
In our experience, most hackers start from pure curiosity and some mischief which is fairly innocent and then some of them move to real felony – it “looks” the same – vulnerabilities and extracted numbers. Since you don’t “see” the victim – you don’t even think its a felony. It’s easier to detach yourself from the act. Hackers are just curious people with technological skills that when they are presented with something new, they just have to know how it works and when they know that they try to find how to use it in a way its creator didn't conceive. But the key driver: a total lack of recognition that what they are doing is bad.
An interesting profile was summarized here: "The most visible breed of computer cracker is an obsessive middle-class white male, between 12 and 28 years old, with few social skills and a possible history of physical and sexual abuse." But it may be time to reevaluate this profile. With the advent of industrialized hacking came botnets with an ecosystem of growers, renters and users.
More interestingly, according to psychiatrists, "hackers and computer-security experts represent the vanguard of cybercrooks: young, misguided males who rationalize that they've done nothing wrong." In fact, at his sentencing, Albert Gonzalez said, “I never gave a thought to the millions of people whose lives I impacted."
What is very interesting is to see what inspires hackers—typically some technical epiphany that led to breaking into software or an electronic device. Although its hard to prove, considering the rapid growth of software and devices in the future I suppose we can expect more and more hackers.
Some “how I lost my hackinity” testimonials were posted on a hacker’s forum:
Here are few highlights (with the original typos and grammar mistakes):
- hacked my wii
- My friends wifi network. I felt really happy despite the ease of breaking WEP. That and again depending on your definition my first 'blackbox' wifi hack led me to sniffing the traffic of a guy searching craigslist for random hookups with 58 year old cougars and a 31 year old 'secretly' gay who 'wasn’t getting enough from his wife and looking for a nice guy'. It was REALLY amusing to me."
- My first website hack was this kid from high school website. I guessed his password.
- The first thing I ever hacked was my friends Win95. His sister completely locked it out with passwords and forgot what it was. It was the first time I ever attempted do such a thing. I could only repair the OS for myself over years of practice, never even occurred to me to actually break into it until he needed my help. He had an experienced friend of his working on it for a week, and I took all of an hour to do it. It felt strangely satisfying to be able to do something like that, and ever since then I have been highly interested in doing so much more.
- ran a program (script kiddie ftw) to get the administrator password on a local machine while being logged in as a limited account on a windows pro sp1 machine back in middle school (now in college)
