View and vote on the article here: Good hacker, bad hacker
Good hacker, bad hacker| Category | | | Summary | | Which would be for you the correct definition for hacking? And what about that thin line which is between a "Boy Scout" and a "Lucifer"? Read along for a personal reflextion about how society understands hackers. |
| | Body | First of all, I have to say that nowadays the meaning of the word 'hacker' is maybe totaly corrupted. Not all the people who asure that they are hackers really are, and of course, not all the people who asure that they aren't, really are not.
May be is not the bad use of the word by some pretenders, but how other people look at hackers (or informatic security amateurs, which is my favourite definition). I'll bring you some examples from Spain.
"La Moncloa" website (http://www.la-moncloa.es), which is the palace where Jos? Mar?a Aznar, the spanish prime minister lives, is famous for being discovered 2 security holes in the past 3 years.
Is not the security of this server I want to judge is how the two guys who separately discovered the holes where treated. What would you do if doing whatever you come accross a security breach and you can't find an e-mail where to explain it? This is what happened to them.
Finaly, their logic told them to post the problem in a Forum explaining why they had to write down there, but in the beginning, spanish police acused them of "attack to the gobernment". Don't worry, it didn't last much, some intelligent people warned the prime minister about not to carry on the process.
In my opinion. these 'anoynimous' hackers made a good example of patriotism warning the gobernment about holes without exploiting them (maybe you never can tell, but looks like not), but they were received something like crimminals.
Maybe is it about the mehods used? Well, in this case nobody would be safe if you are looking for holes only with your Web Browser and telnet (well, your Web Browser in junction with a well known web-finder could be a powerful tool, just wait some issues to discover where and how, I can't explain everything here ;D). Looks like they are going to arrest you because you warned them of something big and you used illegal programs you found on the net and of course, if you are posting it elsewhere but in an e-mail that doesn't exist. So what? Someone else could do the same, using the same methods as you, without warning, and making a real serious damage to their systems. This last statement could be for me that "red thin line" I was talking at the beginning of this editorial.
Maybe "La Moncloa" case is not the most tremendous. IF you are spanish, maybe you should know http://www.invertia.com, the portal of the investors. Another spanish hacker who now is leaving in USA because he had several problems with spanish justice, 1 year ago, discovered an exploit in this portal clients database and the first thing he did was sending an e-mail to the webmaster (in this site there was an e-mail where to send things). After 4 hours from knowing the news, the webmaster decided to shutdown the server (oh, I didn't tell you, it was a webmaster but he didn't know even how to use Microsoft Office) and to send an e-mail to his boss just telling that the hacker was the responsible of the appearing of the exploit and that he was using spiders (and other technical words he didn't know exactly the meaning) just for grabbing the clients info.
For me there's a conclusion, I'm confused about what to do when "doing whatever anybody could do on the net". If you are in your office and you discover that the Win98 of your next door coleague is sharing the entire HD without knowing it, and you talk him about it, he will probably shout to you that you don't have the permission to see this kind of things... and this is the point I wanted to arrive with this: "If you can do it, someone else could, and maybe is better for the system that you were the first who discovered it and not others". |
|
This article was imported from zZine. (original author: dante00)
There are no replies to this post yet.
|