Forbes Offers a Sympathetic Portrayal of Hackers 97
selain03 sends us to Forbes for a surprisingly tolerant article on the recent Defcon. The reporter spoke to several of the event organizers and faithfully conveyed their characterization of the community as motivated by curiosity about technology. The article quotes a Department of Defense cybercrime guy: "Run-of-the-mill individual hackers are just noise as we try to focus on the real problem. We have to investigate every threat, but we're often dealing with ankle biters." A refreshing perspective to read in the mainstream media.
Re:"ankle biters"? (Score:2, Interesting)
Alternate definitions (Score:3, Interesting)
When I was just starting learning security stuff circa '95-'97 the term 'cracker' referred (in most stuff I read and by people I talked to at the time) to people who modified binaries on their own system to do things they weren't supposed to (such as a no cd crack or adding new features to a binary - it didn't have to be illegal), while hacking usually referred to gaining unauthorized access to anything, be it local or over network.
It all depends on what crowd you gained your definitions of hacking and cracking from. I prefer these definitions because they seem to have more precision. You can hack for multiple reasons (good or bad, white or black hat), you can crack for multiple reasons (good or bad, white or black hat).
A company I worked for had a lot of cracked copies of their software circulating the Internet and I spent some of my time for them reverse engineering and preventing one of their more mysterious and unsolved cracks - I'd call that white hat cracking.
Re:"ankle biters"? (Score:5, Interesting)
The only movie related thing that is real for a black hat is the briefing closing line from Mission Impossible: If anything goes wrong, we don't know you anymore and have never known you even existed.
Re:"ankle biters"? (Score:4, Interesting)
I'm honestly not afraid of hackers. I mean, the old school kind. The "real" ones. The ones that actually know that TCP/IP ain't the Chinese secret service and that a buffer overflow isn't something that requires a plumber to fix. In their growth years, they sooner or later stumbled upon the hacker's creed, and whether they heed it or not, the damage they do is usually minimal. Yes, they may steal your data (which is often enough a severe damage), but they don't destroy data intentionally.
What I'm afraid of is the scriptkid. The person without a clue, but with a tool. He doesn't know what he does, he doesn't know what he aims for, but he just clicks and hopes, trying to destroy and mess with other people's computers. He's the equivalent of the schoolyard bully. No clue, no skill, no perspective, but the need to once at least "prove" that he's "better" than someone else. If you're looking for wanton data destruction, that's the place to look for it.