Though we often associate Hacking with criminal activities. Hacking
does not always mean breaking into computers.
There are different definitions:
- A person who practice hacking is called a hacker.
- Hacking can be just to find out how it works without criminal intent.
- Hacking can be simply to crack a code
- A hacker can be breaking into a computer that's yours, often not wanted,
and now prohibited by law.
Originally Hacking had nothing to do with breaking into one another's computers. It was primarily tinkering away with hardware to make things work. And this strain of hackers are still out there in multitude!Hacking can also be done to perform reverse engineering of software whereof the source code is lost. Mostly done with legacy or so called "Ben Hur" (old) systemsHacking also can be cracking a code (Enigma code during WWII, modern spies deciphering secret messages, or just for the fun of the intellectual challenge!)But, for the general public at least, in the last few decades tinkering away with hardware became equivalent to: gain unauthorized access to a computer. This is how the press and official and may be not so official bodies wants us to believe....Or cracking the security coding of satellite TV or copy protection of data media like dongles, CD's, floppies, DVD's etc. This is often called cracking and the person doing that is mostly called a cracker. Mostly activities in that aspect are illegal.
Any more definitions, oh yes. Hacking or Cracking is merely a
human trait that is triggered and inherent to our being: our unbridled curiosity.
Hide something and you're bound to find someone that wants to find out. Make
some complicated machinery or other gadget and someone will find a way to reverse
engineer it. Nothing malicious too that. But it is the use you make of your
gained knowledge that makes it sometimes illegal.
The players:
Government and their enforcement, hackers, companies, security organizations,
highly skilled (software) engineers|
As authorities and contra's see it
|
Now, there are always two sides of the story
|
As hackers see it
|
Here is another view:
Crackers (hackers), whom are mostly depicted as criminals by official bodies, have less problems with ethical considerations. They often operate on the edge of the law or beyond. In their view the law is but a contemporary set of unwieldy rules not intended for hackers or crackers and reflected upon as a nuisance for the free creative mind.More controversial:
Some people consider the act of cracking itself to be unethical, like breaking and entering. But the belief that 'ethical' cracking excludes destruction at least moderates the behavior of people who see themselves as 'benign' crackers. On this view, it may be one of the highest forms of hackerly courtesy to:The most reliable manifestation of either version of the hacker ethic is that almost all hackers are actively willing to share technical tricks, knowledge, software, and (where possible) computing resources with other hackers. And to remind you: huge cooperative networks such as Usenet, FidoNet and Internet can function without central control because of this trait. They both rely on and reinforce a sense of community that may be hackerdom's most valuable asset.
- Break into a system,
- and then explain to the sysop, preferably by e-mail from a superuser account, exactly how it was done and how the hole can be plugged -- acting as an unpaid (and unsolicited) "tiger" team.
Hacking a computer system
A few requisites
Surprisingly enough there is no distinct profile of a hacker.
He or she comes from all creeds and breeds, old or young. Some see it as a sport:
'the tinkerers'. Others just want to get to the goodies, some are spies, some
are just out to destroy the system, some are even anarchists, and some are pacifists
trying to save the world and not to forget some are professionals unveiling
the weaknesses of a particular system. They are rich, poor, wealthy, upper or
lower class, blue color or white color, smart or just lucky. Hark! Computing
does not make a difference.
But, when they are pursuing it, they all WILL find a way to gain access into company, government or other computer systems.
Since not all humans are evenly smart and intelligent there are various types
of hackers and methods to gain access to computers. But, when they are pursuing it, they all WILL find a way to gain access into company, government or other computer systems.
What would you need and need to know whilst to be or becoming
a hacker that wants to hack a computer:
- You need to create your own special password crack program, dial in simulators, firewall penetrators, worm "alike" assault mechanisms, listeners, decoding or decrypting engines,
- Need good practical knowledge of C, machine language and at least some Awk or Sed, VI when going for the big irons,
- Know how to handle Artificial Intelligence,
- How knowbots and search agents work and be able to create one,
- Need a good knowledge on TCP/IP mechanisms and other stuff comprising network protocols,
- How to get into PBX or other phone switch components,
- Would need to gain knowledge about the computersystem that wants to be hacked,
- Good to excellent knowledge about the operating system you are likely to encounter,
- Have knowledge about network layouts and system architecture of the system to be hacked,
- Need to understand the security measures in various breeds of security levels,
- How to make use of backdoors,
- Have a good grasp of likely and possible flaws or leaks in firewalls, routers and access server software,
- Must know how to cover their traces (e.g. by masking their presence on the net or computer's logfiles),
- Be VERY VERY secretive and know when to go for cover,
- Time must be abundant,
- the list goes on and on...
Now you should understand why companies want to hire a caught
hacker: he or she knows it all!
Also you will understand that to be or become a fairly successful
computer hacker you have to be a knowledgeable, intelligent and persistent entity.
When you never want to be caught you have to be crazy and genius at the same
time. And you will never read this page on hacking.
-o0o-
But to get there means doing it. And how to achieve a hack depends
on the complexity of the system, the level of security, the intelligence of
the hacker and above all its persistence. And a combination of all of the above.
Generalizing there are three large contingents of hackers.
The hardworking, knowledgeable and intelligent one- These persons are the most secretive and intelligent persons and hacking is not a hobby but a convocation
- They design their own software, borrowing means to give away your identity
- Build sometimes there own hardware that switch between PBX's with difficult to trace marks
- Know their way around in networks and play with it as if it are toys
- Are mostly not a member of any group
- They know very well how to hide what they have done
- Are never heard of or they get arrested and convicted under false pretense as to cover the real reason, but would be waited for at the prisons gate by representatives of the same company they hacked
- Or just rot away in a prison or psychiatric institution and only come out when old and useless or crazy as a door
- Have a bit of luck not being caught
- These types use a mixture of tools, either made by group members or designed by themselves
- There is fair knowledge about operating systems and computing networks
- Most of the time this type of hacker is member of a hacker's group or so you want organization
- Some are working with temporary loose clusters of individuals acting together for a hack
- There are inner circle 'manuals'
- Use information via the Internet of other channels, not much pure individual work is done
- Have a lot of luck not being caught
- Use somebody else's dictionary or programs to generate passwords
- Use a list of often used usernames (e.g. admin)
- Have a list of easy to hack systems
- Have a hacker's "cookbook" to gain access (tips and tricks)
- Don't bother about leaving traces
- Be member of a hacker's ring and exchange information freely
- Have all the world's luck of not being caught
Actually to make a hack the need for hardware or software is modest. All you need is a connection to the Internet, or have a modem of various types (synchronous, asynchronous) or a connection via cable or an existing network. Plenty of time and some intelligence and luck. And to no much surprise you will be in business before you know it.
This all sounds very optimistic, but be aware that:
IT IS WAR OUT THERE !
As soon as you enter the arena the cyber-war is going to be between the guardians and you. So don't tell us you weren't warned! There are only a very few success stories. And of course economic interest grow larger by the day, companies will try to protect their products more and more aggressive, especially the music industry.
-o0o-
The latter years of the 1990's various government bodies established what has become known as cyber cops.
The FBI, KGB, CIA, MI5, Interpol, United Nations, various secret services of all governments, anarchistic movements, terrorists fractions, police organizations all have their special cyber forces.
Most governments are overreacting in their law making attempts to secure the networks and attached computers. Mainly because of 'what you don't know you fight'. But also: what might be expected of a politician that heard the term hacking for the first time when attending a meeting on that subject to pass a law. Just imagine, by the time the law is passed the technology has again leaped forward to make the law redundant by the time it gets approved. Or what becomes more and more the reality producers of audio visual products try to clamp down on relatively innocent attempts to circumvent copy protection schemes, some are not so innocent agreed. But again the industry is overreacting as was the case in the late 1980's. Millions of dollars were spent in protecting software but by the time the software reached the market hackers broke the code. The difference now is that the industry is trying to stamp down on the creators of anti copy protection software like dropping an atomic bomb on an anthill.
But protection schemes and the technology behind it becomes much more complicated every day. It is therefore no wonder that corporations and other agencies turn to specialized persons or businesses that specialize in that type of security. From the end of the 20th century that industry is booming: cyber security. There is little to tell about these companies of organizations. For obvious reasons: there is little known. History has just begun.
-o0o-
Hackers Chronology(3)
1878
Less
than two years after Alexander's Graham Bell's telephone system went into operation
a group of unauthorized teenagers were thrown off the network.1960
Early
mainframes at MIT were used by 'original' hackers to develop skills and explore
the potential of computing. 'Hacker' was, at that time a complimentary term
for users with exceptional knowledge of computing1971
picture: John Draper
|
Before
the widespread use of computers and the Internet, 'phreakers' used the
more prevalent playground of telephone networks. John Draper, a.k.a. Cap'n
Crunch, finds a toy-whistle allows callers to circumvent billing systems
for long distance calls |
1976
'Freedom
of Information contra security by obscurity' Two homebrew computer club members Steve jobs and Steve Wozniak launch so called blue boxes which can be used to hack into phone systems.
1983
First
arrest of hackers as FBI clamps down on 414 group after it hacked in to the
Los Alamo research center
The
movie war games is released, shaping public perception of hackers and glamorizing
the hackerPlovernet
BBS (Bulletin Board System) was a powerful East Coast pirate board that operated
in both New York and Florida. Owned and operated by teenage hacker 'Quasi Moto', Plovernet attracted five hundred eager users. The actual Legion of Doom bulletin board was quite ahead of its time. It was one of the first "Invitation-only" hacking based BBSes; it was the first BBS with security that caused the system to remain idle until a primary password was entered; and it was the first hacking BBS to deal with many subjects in close detail, such as trashing and social engineering. This BBS was so heavily trafficked, that a major long distance company began blocking all calls to its number (516-935-2481).(7) Eric Corley ('Emmanuel Goldstein') was one-time co-sysop of Plovernet, along with 'Lex Luthor', who will found the phreaker/hacker group, Legion of Doom.(6)
1984
 |
Quarterly publication 2600 (named after the frequency of John Draper's whistle) is founded, providing a platform for hackers and phreakers (phone hackers) |
Two
hacker groups form this year:The Legion of Doom in the United States founded by the hacker .a.k.a. Lex Luthor to educate new generations of hackers.And the Chaos Computer Club in Germany.
In
one of the first arrests of hackers, the FBI busts the Milwaukee-based 414s
(named after the local area code) after members are accused of 60 computer break-ins
ranging from Memorial Sloan-Kettering Cancer Center to Los Alamos National Laboratory.Comprehensive
Crime Control Act gives Secret Service jurisdiction over credit card and computer
fraud. 1986
January;
Legion of Doom/H member Loyd Blankenship ('The Mentor') is arrested. He publishes
a now-famous treatise that comes to be known as the Hacker's Manifesto. (6)| The following was written shortly after my arrest... \/\The
Conscience of a Hacker/\/ by +++The Mentor+++ Written on January 8, 1986 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"... Damn kids. They're all alike. But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world... Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me... Damn underachiever. They're all alike. I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..." Damn kid. Probably copied it. They're all alike. I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me... Or thinks I'm a smart ass... Or doesn't like teaching and shouldn't be here... Damn kid. All he does is play games. They're all alike. And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..." I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all... Damn kid. Tying up the phone line again. They're all alike... You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert. This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike. +++The Mentor+++
source: http://www.phrack.org/show.php?p=7&a=3 Phrack
Inc. Volume One, Issue 7, Phile 3 of 10
|
1987
Seventeen
year old Herbert Zinn is arrested in September after hacking AT&T's system
for months. Experts say he was close to crashing the entire US phone network.(9)First
known MS-DOS virus 'Brain' is created. Investigators believe it is written by
two brothers in Pakistan. It infected the boot sector of floppy disks1988
Robart
Morris crashes some 6000 computers across the ARPANET with his worm which he
claimed is accidentally released.CERT
(Computer Emergency Response Team) is founded in response.First
anti virus software released by a code writer in Indonesia1989
First
known case of cyber espionage in Germany (west) allegedly the CHAOS computer
club is involved.Mentor
releases the hacker manifesto Conscience of a hacker, which ends with the intriguing
line: "You may stop the individual, but you can't stop us all." 1990
Freedom
on the Internet advocacy group Electronic Frontier is launchedSophisticated
virus types such as polymorphic viruses ( which modifies themselves when they
spread) and multipartite viruses (infecting multiple locations in the machine)
appear.First
National Citybank of Chicago is relieved of 70 million US$ in the first acknowledged
major computer bank hack.Hacker
Dark Dante, Kevin Lee Poulsen, is arrested after a 17-month search. He got hold
of military secrets.Mitnick
and Shimomura lock horns1993
The
first Def Con hacking conference takes place in Las Vegas. The event was supposed
to be a one-off-knees-up to bid good-bye to BBS's (outdated by the web), but
was so popular it became an annual event.Hackers
hit US federal web sites, including the CIA, Department of Justice, NASA and
the Air Force. This isn't popular with US officials. ;=)1994
Vladimir
Levin, the legendary head of a Russian hacking ring, is believed to have masterminded
a $10 million virtual holdup of Citybank. He is arrested in London a year later
and extradited to the USA.1995
US
defense department suffers a quarter of a million hacks in one year.
Kevin Mitnick
Mitnick
is arrested on suspicion of stealing 20,000 credit card numbers. He pleads guilty
a year later.
The
movie Hackers hits cinema screens, sparking more misconceptions about hackers'
activities.1998
Network
Associates runs an anti-hacker advert during the Superbowl in the US. In it,
two Soviet missile technicians blow up the world, unsure whether the orders
came from Moscow or hackers.Hackers
claim to have cracked a military satellite system and threaten to sell secrets
to terroristsNIPC
(National Infrastructure Protection Center) launched with multi million dollar
funding.Hacking
group LOpht tell congress it could shut down the Internet in half an hour and
calls for greater security.1999
Massive
year for Microsoft patches as hackers exploit Windows 1998 vulnerabilities.
Birth of mainstream anti-hacking software.2000
Denial
of Service attacks cripple the net's biggest names.
Jon
Johansen (Norway) co-authored with two other programmers who remained anonymous,
a program called DeCSS and published it on the Internet.The program decrypted DVD's so that DVD's could be run on a computer too. On Jan 23 he got arrested on the charge of hacking on to other's computers: by creating a program that enables people to watch (legally bought) DVD's on their own computers in stead of a stand alone DVD player. This time the case was not won by the Motion Picture Association because the E.U. law they were banking on was not yet implemented(8). A few years later in 2005 Jon Johanson will be acquitted by the justice department because European law explicitly allows reverse engineering when needed for interoperatibility.
2001
XP
- 'the safest windows yet' - is cracked before launchBenni
Baermann posts his "eight thesis on liberation"
on 27th of December. A statement that can be interpreted as opposition against
commercial software and pro sharing of knowledge. All in the thru hackers philosophy.2002
Microsoft
Bill Gates launches Trustworthy computing. It soon appeared the the security
leaks were as numerous as in all other Microsoft
software.ISP
CloudNine was literally hacked to death because of massive DOS attacks. The
company could no longer serve its customers and closed down its network. Customers
are transferred to other ISP'S and the company goes broke.
-o0o-
Hacker movements
(Publicly known)Chaos Computer Club 1989 The CCC (Chaos computer club) from Hamburg began around 1989 as a loose organization of hackers with modems.
They proved how good they were so people would be interested. They took over app. 75,000 US$ from the Hamburg's national savings bank but then they gave it all back the next day.
The Chaos Computer Club is also associated with cracking computer systems on assignment for the Russians.
hacking
ReplyDelete