Transcript pcij.org
Hackers are your Friends What a Hacker is (and is not) ● Tired ● Wired – Nerdy – Average – Teen – 16 to 45 – Social misfit – Socially competent – Technically competent – Script kiddies – Terrorist – Ego surfing – Shadowy – Normal, average kid Crackers and Hackers ● Crackers – aka script kiddies – Young – Unskilled – Relies on scripts/tools – Lots of them – Dangerous to themselves Crackers and Hackers ● Hackers – L33t – Skilled – Software writing skills – Analysis skills – Older – Was script kiddie at one point – Not necessarily security related Motivations ● Ego and personal gratification through peer recognition ● “Show me the money !” ● Technical cause ● Scratching a personal itch ● Politically and socially neutral The Hacker Manifesto This is our world now... the world of the electron and the switch, the beauty of the baud. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike. Hacktivism ● Focused on freedom and libertarian situations – Caveat: sometimes narrow boundaries around technology issues – US DMCA, Patriot Act, Clipper Chip – Export control of cryptography – DeCSS DVD Decryption – Domain Name related issues – Information defined as software and other largely technical documents – Not usually politically or socially motivated ● Exceptions EFF, cDc, FSF, 2600 Magazine Hacktivism ● ● ● ● ● Concerns on software patents, cryptography Focus on human rights in so far as it pertains to arrests by law enforcement (FBI, local police, Justice Dept) Epicentre moving away from the US towards Asia and Europe Usually politically agnostic and neutral – No interest in social or political agendas – Avoidance of the real world Clannish, tribal and fiercely loyal Early hacktivism ● Anon.penet.fi – Julf Helsingius – First and most famous anonymous remailler – Used extensively by the underground – Shutdown due to efforts of the Church of Scientology – Efforts by the Singaporean government, but rebuffed – Spawned many anonymous remaillers Early hacktivism ● Pretty Good Privacy – Phil Zimmerman – Common publicly available consumer encryption programme – Used extensively for privacy, authentication and integrity of messages – Spawned other open source projects of its ilk – Driven by Phil's anti-nuclear beliefs – Patent licensing issues – Spawned a movement to ridicule US crypto export policy Early hacktivism ● Free Software – Richard Stallman – Software freedom – Percusor to the open source movement – Semi-political agenda – Driven by a mixture of socialist beliefs – “Spiritual leader” of thousands of geeks Regional “Hacktivism” ● Malaysia – Indonesia cyberwar – Sparked off by dispute over Ambalat oil fields in the Sulawesi Sea – Not officially approved – Self-organized hacker collectives ● – Largely script kiddies Focussed on defacement of government and community websites ● Collateral damage Malaysian “Hacktivism” ● Reformasi – Defacement of websites – Initiated by both sides of the political divide – Keadilan vs UMNO – Unofficially sanctioned – Stopped by the elders of the computer underground – Politically motivated websites – political propaganda ● ● Persists till today Fuelled the blog revolution in Malaysia ? MalaysiaKini attacks ● ● ● Repeated, automated voting of online poll – Potentially a denial of service attack – Script kiddie class attack Traced to a computer lab in University of British Columbia, Canada Not state or politically motivated Engaging Hackers ● ● Understand the issues which hackers care about Show reciprocity and support – ● Quid pro quo Engage with them on these issues – Software patents – Cryptography – Free and Open Source Software – Computer Crimes legislation Thanx !