Home of the Guides to (mostly) Harmless Hacking Brought to you by... The website computer criminals don't want you to read!
 
  
   
 

Your Friend,The Computer Hacker

    One should never put on one’s best trousers to go out to battle for freedom and truth. -- Henrik Ibsen.

    Where did cyberspace come from? What makes it grow? Who keeps it free despite criminals, cutthroat monopolistic corporations, and Big Brother government agencies?

    Hackers.

    Wait just one minute, you may ask. Aren’t hackers guys like Kevin Mitnick who tap people’s phones, steal people’s private e-mail and download gazillions of credit cards from dotcoms?

    Sigh. When reporters descend on someone caught committing computer crime, the culprit parades around exclaiming “I am a f***ing genius, man! I am a hacker!” Reporters, being by nature gullible, buy the story. The result? Us real hackers get a totally undeserved black eye.

    Eric Raymond, author of The New Hacker’s Dictionary argues, “Real hackers call these people [computer criminals] ‘crackers’ and want nothing to do with them... being able to break security doesn’t make you a hacker any more than being able to hot wire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end...

    “The basic difference is, hackers build things; crackers break them.”

    OK, we admit it -- most of us hackers also know how to break into computers. Big deal, anyone can break into a computer if it isn't well enough defended. However, as has Raymond pointed out, hackers typically figure out how to do one heck of a lot more than just break into things. Hackers build things.

Hackers keep cyberspace free despite criminals, cutthroat monopolistic corporations, and Big Brother government agencies.

    Where did e-mail come from? In 1969, hackers playing around on a military computer network, ARPAnet, were the first to invent e-mail. In 1979, two ARPAnet hackers, Tom Truscott and Steve Bellovin, invented newsgroups. The World Wide Web wasn’t some planned corporate or government creation. In 1990-91 Tim Berners-Lee cooked it up. By himself. With no giant government or corporate plan to create it.

    Today, over two-thirds of all web sites run on the Apache webserver. It’s a free, powerful and secure webserver. Where did it come from? You guessed it, hackers.

    The second most popular operating system in the world (after the various forms of Windows) is Linux. Many of the world’s top supercomputers get their blinding speed from Linux. Yet it is so easy to install and use that millions of people run it on their home computers. Linux, too, is free. It was created and is constantly improved by a team of hackers led by Linus Torvalds.

    Hackers do more than build a better cyberspace. Hackers are the people who lend a helping hand on this wild frontier.

    Hackers do more than build a better cyberspace. Hackers also are the people who lend a helping hand on this wild frontier.

    When the bad guys hit your computer, who are you gonna call? 911? Chances are your attacker is hitting you from out of state, or from another country. The local police can’t touch them. So do you call the FBI? If they even return your call, they will want to know how much money the bad guys are stealing. Unless you are a giant company with political pull, the FBI will brush you off. How about calling a computer security company? You’d better be rich, because their help will cost hundreds of thousands of dollars.

    So where can you get help?

    Recently Sydney Urshan complained to me that someone was attacking a web site of mine, cmeinel.com, which was hosted at his company Nethollywood.net.

    Urshan is a real hacker. He’s invented a router that milks more bandwidth out of a DSL line than you would dream was possible. He’s also written a shareware program to defeat copy protection for Macintosh programs, KeyDisk TERMINATOR. He also has invented a novel optical storage device.

    Urshan also had figured out how to make his web hosting service exceptionally secure. However, no one hacker knows how to do everything. Like most people, hackers often work best in teams. So we are always calling on each other to help solve problems.

    A few minutes after Urshan and I spoke, Greggory Peck phoned me. “What’s up, Carolyn.” He knows something is always hopping around me.

    “Someone is trying to break into my Techbroker web site…” I began.

    Peck interrupted. “Let me in on this! I want to play.” Since then Peck, who normally makes an astronomical salary handling computer security for his employer, has been working with Urshan, without pay, to quell the attacker(s) and increase security.

    Attacks have been coming in from many different computers, often from Korea, China and other Asian countries. When Peck first saw Chinese computers among the attackers, he phoned me. “Carolyn, I have a moral dilemma. The Chinese government executes computer criminals. Should I report these attacks?”

    I wouldn’t want anyone to face a firing squad over this. However, looking over the records of the attacks, we figured out that our assailants were not Chinese. It was one person or gang, based in the US, attacking from many computers that they had taken over.

    Once we settled the moral issue, Peck began a campaign of arranging for the attacker(s) to get kicked off every computer they used. The attackers had to run and hide. So far every attack has flopped.

    Urshan could have solved his problem by kicking cmeinel.com off of Nethollywood. Instead, he has the satisfaction of being an Internet freedom fighter.

    Meanwhile, “I’ve been having a blast!” says Peck.

    Another hacker friend, Bruce Meyer, called me when he discovered an intruder on a computer where he works. The simple fix would have been to simply rebuild the victim computer to be sufficiently secure that the intruder would never return. However, the hacker spirit is to learn as much as possible and do the best job possible, not just slide by. So I called a friend and asked him to help analyze the incident. According to Meyer, “This fellow called saying ‘I’m a friend of Carolyn’s. Don’t tell anyone I ever helped you.’”

    First, this Lone Ranger type tracked down who the attacker was. What he did to the culprit, well, no one is telling. Hacker justice, hmmm… Then he and Meyer worked together to beef up security.

    By now even your home computer may have been hit by computer crime. Just what you need -- some brat displaying dirty pictures on your desktop and deleting files. As Bruce Meyer says, “It’s war out there. It’s like people who knock out car windows. It’s all the same mentality.”

    Home firewalls can be great entertainment. Since Peck started beating up the bad guys on the cyberspace frontier, the baddies have tried to get even by attacking his home computer. Peck used to play EverQuest a lot. However, nowadays he gets thrills by watching his home firewall for incoming attacks. “Netbus attack? Sheesh. You lamer, what’s next?” Then he runs his diagnostic tools against his latest attacker, just to snicker over how pitiful the attacker’s computer is, and gloat over how easy it would be to show them what it feels like to be on the receiving end. (Peck swears he doesn’t break into his attackers’ computers.) He caps the evening’s jollity by getting the Internet access provider for each attacker to pull the plug.

    This is hacker justice. We don’t protect you by putting the bad guys behind bars. We simply wait for them to be stupid enough to attack us, and then pull the plug on their Internet access. Sure, the baddies can always get another Internet Service Provider. And if they use that one to attack us, we’ll get that one to pull the plug, too. We want to force the cyberbaddies to get so desperate that their only hope is to attack us from a terminal at the local library. Or, they can leave us alone, and we’ll leave them alone.

    Meanwhile, we keep them so busy trying to get revenge on us that they have no energy left to bother you.

Spam!!!

    What about spam (unsolicited e-mail)? Yes, it’s a pain to have to delete all those unwanted emails. It could be much worse, however. Greedy advertisers first discovered the potential of e-mail in 1995. E-mail is much cheaper than regular mail. As a result, soon spammers discovered dirty tricks to harvest or guess the addresses of tens of millions of people, and ways to pump out junk mail even cheaper by taking over other peoples’ e-mail servers. (An e-mail server gathers e-mail produced on peoples’ desktop computers and sends them to their destinations.)

    By 1996 the volume of junk mail was threatening to bog down the entire Internet. Because junk e-mail is almost free to send, it looked like we would soon reach the day when the average person would have to sift through thousands of e-mails each day just to find legitimate messages. Politicians struggled to think up ways to outlaw spam and put them out of business. Hah. Lots of luck.

    Who came to the rescue? First the computer criminal element tried to stop spam by breaking into and damaging any computer used to send spam. This didn’t do much good. Usually the person or company that owned the mail server computer didn’t know it was being used for spam. Back then only experts knew how to keep spammers from using their mail servers. Meanwhile, spammers would just take over yet another mail server.

    In October 1997, the president of Rt66 Internet (rt66.com), John Mocho, decided it was time to show the world how to prevent spam. He altered his Sendmail server to make junk e-mail disappear without a trace. That way spammers would think they were sending out millions of emails, but unknown to them it all went to byte heaven. Then Mocho went to work to persuade the Sendmail developers to make this a standard feature.

    Sendmail is yet another free hacker product. Its developers agreed with Mocho and revamped Sendmail to make it automatically refuse spam, and have the option of making it disappear without a trace. Soon the commercial e-mail server companies also added spam blocking as a default setting.

    If you get junk e-mail today, blame it on people who are using ancient mail servers. Meanwhile, hacker volunteers are tracking down the owners of those few remaining computers that spammers use and making sure they install spam-blocking servers.

    Recently Meyer had to do battle with a spammer. Even though in theory it now looks easy to keep spammers from taking over Internet mail servers, Meyer found that they are getting way too good at finding ways to evade spam protections. However, hackers have come to the rescue by creating tools to analyze mail servers for the flaws that enable spammers to take them over. Meyer recommends the Spamcop reporting tool http://spamcop.net/ and Open Relay testing tool http://www.abuse.net/relay.html.

    “We’re going to win the war,” says Meyer. “I daresay that the cracker problem has heightened our security consciousness tremendously in the past few years. If my server had never been cracked, and my mail server had never been used as an open relay to launch a global mass mailing that weekend, my servers would still be as wide open as they ever were. Since that happened I have spent far in excess of 1,000 hours single-handedly upgrading servers.”

    Now let’s talk about the most serious computer-related crime today. The Internet has made it much easier for kiddie pornographers to peddle their wares. With this growing money incentive, it is likely that an increasing number of children are being raped, tortured and killed to satisfy consumers’ desires. To track a digital image back to a crime scene, to put the criminals behind bars and rescue their victims is beyond the talents of most people in law enforcement. Who comes to the rescue? Hackers!

   “Its a simple matter of supply and demand,” says Natasha Grigori, the head of an army of hackers known as Antichildporn.org. They started out by breaking into the computers of kiddie porn peddlers and erasing their hard drives. “We were able to shut down sites, but they would just come up elsewhere. They would come up more secure than before. We were winning battles, but losing the war.” Once Natasha and her allies realized this, they shifted tactics to “target those who supply the child pornography and the patrons of the suppliers.”

    Today they and other hacker teams are working with US and international law enforcement to rescue the victims of kiddie porn factories. They have participated in summit meetings with the FBI and other citizens’ groups in Myrtle Beach, South Carolina, and in Charlotte, North Carolina. Some hackers, such as Michael Vaughan of Predator-hunter.com, provide free training for law enforcement people in how to track commercial child-abuse rings.

    It’s still early in the war against commercial child abuse. However, history tells us that once again, hackers are going to make the difference.

Totalitarian, Snoopy Governments

    Now, let’s talk about the biggest threat on the planet: totalitarian, snoopy governments such as Myanmar, Iran, North Lorea, Syria and China. Who is going to protect our privacy from the guys with search warrants? You guessed right, hackers.

    Today the most powerful privacy technique is encryption: the scrambling of information so that only the intended recipient can view it. The United States and most other govenments have tried to regulate encryption so that we can only use encryption that governments can defeat.

    In 1991 Phil Zimmerman released a free encryption program he wrote, Pretty Good Privacy (PGP). Because it was good enough to foil government investigators, the US Federal government prosecuted him under the International Trade in Arms Regulations. (Yes, the feds consider encryption to be a weapon). Tens of thousands of hackers came to the rescue, defying threats of arrest by providing download sites for PGP. In early 1996 the Federal government bowed to this unprecedented protest and dropped the case.

    Skeptics say this may have been simply because the feds figured out how to crack PGP. Let’s face it, encryption is an arms race. The government side has tons of money to throw at it. However, today many hacker cryptographers continue to work on new, more powerful encryption schemes, and make their programs freely available.

    If enough of us keep at it, the cyberspace frontier will always be the place to be. Viva hackers!

        You, too, can become a cyberspace hero. You, too, can experience the comradeship and excitement of our lives. With a little help from my friends, I’ve written two books that show exactly, step-by-step, how to become a hacker. The Happy Hacker: A Guide to Mostly Harmless Computer Hacking is easy enough for a total beginner, yet shows enough to catapult you into the ranks of serious hackers. If you want to become one of the best, and already know the basics, you’ll find the complete roadmap to success inÜberhacker! -- How to Break Into Computers. It even shows many ways one may defeat encryption, so you can get a handle on the problem of keeping the feds out of your files.

    If enough of us keep at it, the cyberspace frontier will always be the place to be. Viva hackers!

    Carolyn Meinel is the author of The Happy Hacker and Überhacker.

 

 
 

Google Groups
Subscribe to Happy Hacker
Email:
Visit this group
 
Privacy policy      © 2013 Happy Hacker