There is not such thing as fool-proof security. That only works with fools!
:From an IM conversation with my mom while dealing with a hack…
Monthly Archives: August 2001
Hackers, Script Kiddies, Virus writers : scum of the Internet?
Is there any possibility of a hackers code of ethics?
I must have jinxed myself by saying lots more long drives in the previous blog entry. As it turns out, I may just have to head back to DC in order to rebuild a few servers. Why? Because some person who seems to lack the good sense of applying their intelligence for the right purposes decided to hack my servers.
Recently, David Coursey, the Executive Editor of ZDNet’s Anchordesk, wrote a column entitled: The only fitting punishment for virus writers? Death!. Today, I think I know exactly where David was coming from when he wrote that! I spent all morning trying to track down an intruder whose antics had successfully crippled one of my crtitical servers. Still going actually, just waiting for some installation files to get transferred over to the datacenter before I return to conducting my autopsy of the hack-attack to assess the level of damage. So far, the resonating piece of advice I’ve received from CERT and all the people who I’ve spoken to is, wipe the machine and start over. I agree that that’s the best thing to do, and that’s what I’l probably have to do… but what a freaking waste of time and effort just because some idiot feel like they have the right to come mess with other people’s systems!
Now, I’ll admit that I’ve done my share of hacking for fun. I was never a serious hacker, but I knew enough to be dangerous. But all the hacking I did was never done with any malicious intentions and was generally limited to learning new tricks without causing any damage to anyone. The hacker mentality is one of someone who needs a challenge. I most cases, there isn’t really any real work or value that the hacker intends to derive from compromising your systems, but instead, it’s just a thrill, a rush… that I am smarter than the other person because I broke into their machine! From that point of view, I would actually consider hackers to be lower on the scale of “the scum of the earth” than someone who commits burglaries, steals or mugs people. At least in those cases they get something out of it!!
Even in hacking there can be some level or ethics and morals can there not? You want a challenge? You want to prove how smart you are? Then do it in a fucking constructive way. If you can’t find a constructive way and you still really want to hack, then go ahead, hack away, but do it so you can alert the person who’s system you’ve hacked to let them know that there is a hole in their system they need to plug!! Trust me a lot more people will recognize and appreciate what you do when you do it in such a way that it helps them than harms them! If your reason for hacking is because you want a kick out it, it’s a bigger kick to help someone and have them thank you then to screw up something they’ve spent time and effort working on!
What most hackers do these days is akin to the street-vandals who go around defacing other people’s property. How would you feel like if someone came in and spray painted your car huh?? That’s what you’re doing everyday that you go treading on other people’s work and effort as you go ssh’ing, rlogin’ing, telnett’ing and su’ing from machine to machine. So develop some request for things which do not belong to you! If you want computing power, then get it the right way! Check out projects like United Devices and SETI@Home. Build your own network. Learn how to channel your intelligence in a way that you can actually get something more back from it than just the hollow thrill of patting your own back!
Well, enough ranting on Hackers, Script Kiddies and Virus writers. I left a message for the hacker who broke into my system by modifying /etc/motd. It reads:
- Dear Mr. hacker:
Why the heck are you screwing with our systems?
We’d really appreciate it if you would leave them alone
and restore all the files that you messed with.
How’s that for a straightforward request? 🙂
If you need to contact us, email <address suppressed>
regards,
-m
Let’s see if he or she has the good sense to either just go away, have the courage and the decency to actually respond to it openly and explain himself or herself or if this is just another person content to be part of the scum of the Internet…
“Go read this site, as it deserves to be read by everyone”
– Brent Todd, The Weblog Review
– Brent Todd, The Weblog Review
sneaker.org just got reviewed by The Weblog Review and Brent Todd said some really nice things about it. So thanks Brent!
The review mentioned two things that he didn’t like as much… one the splash page (which says Locating sneaker… and second that the site was a little slow. Well, the splash page is purely eye-candy and was put up there for me to putz around with JavaScript more than anything else. It’s really not needed. But then I felt it worked along with the randomness theme of the site so I kept it. So what do you think? Should I keep the splash or lose it?? Leave your opinons in the comments for this blog (Someone better start using those comment things… no one’s used it yet!)
Regarding the speed issue for the site… well, it is running on a really really old PC. It’s a Pentium 200 mhz with 64 MB RAM running RedHat Linux and Apache. Unfortunately since I’m using server-side includes (shtml) to syndicate the content and using a cgi script to put the counts for the blog entires it’s not as speedy as I would like it to be. I could probably tune it a bit, but the traffic isn’t high enough to justify it yet. Might do that the next weekend I get some time. Anyhow, depending on when I run out of diskspace and processing power, the site may need to be moved over to a box with a little more juice than the current one!
Anyhow, check out the review for sneaker.org and don’t forget to rate it yourself for the user’s rating!!
Egotistical Irrationality
I’m currently reading a book titled Everyday Irrationality : How Pseudo-Scientists, Lunatics, and the Rest of Us Systematically Fail to Think Rationally on the recommendation of a friend. The author Robyn M. Dawes is a professor at Carnegie Mellon. As I would hope and expected, the book makes one question the basic assumptions of human behavior to identify the places where we are being irrational. Right up my alley. Somewhat academic (understandably so!) but still very interesting stuff nonetheless.
So as a result of reading this book and another one of my daily experiences, I started thinking this evening about how ego plays a role in irrational decisions. This is specifically in reference to a previous blog (okay, this sucks, the way my archives are setup using frames right now, I cannot link directly to a blog entry. That is unacceptable and so I’ll have to change that soon, till then, you’ll just have to find it in the archives yourself) titled Fear, Regret and Hope. In that blog I wrote about how IMHO (In My Humble Opinion) fear of the consequences often prevents us from taking an action and if we succumb to that fear, what we land up with is regret. Today’s hypothesis based on my own experience is that the fear is primarily that of getting a bruised ego. The fear of rejection. The fear of failure. The fear of looking like a complete idiot — what’s that saying… It’s better to keep you mouth shut and have people think you are a fool, than to open it and remove all doubt!.
So ego plays a huge role. Often to the extent that because of it… or better yet, because of the fear of getting a bruised ego, we choose to not take a chance, which if analyzed could be an irrational decision. Well, I’m not sure about that.. because does a bruised ego count as a possible negative outcome? How do you quantify the effect of that?
Anyhow, the bottomline is that I feel a little hypocritical, because though I can sit here and write about this stuff and analyze my own actions, it is definitely a lot harder to embody the ideas everytime, all the time, in all situations. I guess I’m still too self-conscious in some cases and still need to train myself better 🙂 There is always room for improvement. It’s the largest room in the house.
:note to self. sbux aim
O.G. (The Opera Ghost from Gaston Leroux’s Phantom of the Opera)
In my continued resolution to try and do the things which are most unlike what I would have done earlier and to try and educate myself some more, I’ve taken to listening to books on long drives. I like driving (would be much more fun if it wasn’t for the tension inspired by the damn highway cops!), except for that if I’m not cntinuously engaged, I also tend to fall alseep in a car very quickly. Not a good combination. So as an attempt to try and mix the best of both – I picked up a couple of audiobooks from the Carnegie Library to try and combine reading with driving (okay, all those folks who’ve ever sat in a car with me driving are probably cringing right now…)
Anyhow, so one of the audiobooks I picked up was The Phantom of the Opera by Gaston Leroux. Now, I’ve only heard of the Phantom of the Opera before and never read it or never knew the story. I used to keep hearing the musical score for it once in a while and also heard the ads for the performance at the Pantages Theatre in Toronto… something I now definitely plan on doing now; going to Toronto to see the performance of the Phantom of the Opera (it’s only a 7 hour drive from Pittsburgh, I’ve done it before and right now I even have a Canadian visa!). So this was my first time really getting the whole story behind this wildly popular show.
So on my drive this weekend from Pittsburgh to Washington, DC and back, I popped in the first CD to the famed novel and started listening. It took a littke getting used to at first since I had to figure out a balance between focusing on the road and paying attention to the orator. Especially, since my exposure to French has been very minimal 🙂 Initially, I was skeptical about whether I would like the story since it starts out leading one to believe that there is a true ghost in the Paris Opera House. Given my highly skeptical nature, I just wasn’t comfortable accepting that basic premise. I guess this is where my firm convictions and the storyline of a work of fiction collided. But needless to say, by the time I made it to 270 (the main highway leading into DC) I was on the forth CD and completely hooked as the mytery to the true identity of the masked monster and his seemingly supernatural abilities and dreadful antics kept building up. When I reached my destination, it was with a definite air of disappointment that I turned off the CD player before exiting my car.
Today, on the drive back I continued where I left of and all the way from DC to Pittsburgh, listened to the rest of the story. In fact, the last CD wasn’t finished by the time I parked outside my apartment, but I was so curious to hear it all the way to the end that I sat in the car with the engine running till the time I reached the end.
The character of the Opera Ghost is thought provoking. A classic example of a person who because of his unpleasant appearance was led to a life which was filled with ethical dilemmas and actions which at the same time made one feel sorry for him and be enraged by him. The pain, the fear, the love and the loathing are brought to life in this glorious novel, which is obviously well worth the read (well, listening). Since I am definitely not worthy enough to comment on it further, I’ll stop at just saying that I’m glad I made the trip and listened to the book along the way.
At this rate, I’ll be making several more long drives 🙂