Study Guide
What are hackers?
- Hackers are people who try to gain unauthorised access to your computer. This is normally done through the use of a 'backdoor' program installed on your machine.
You can protect yourself from these by using a
firewall and a good up-to-date anti-virus program. You would normally get such a backdoor program by opening an
E-mail attachment containing the backdoor program. It is normal for such a backdoor program to send out more copies of itself to everyone in your address book,
so it is possible for someone you know to unintentionally send you a malicious program. A few backdoor programs can work with any e-mail program by sitting in memory and watching for a connection to a mail server, rather than
actually running from within a specific mail program. These programs automatically attach themselves to any e-mail you send, causing you to unintentionally send out
malicious programs to your friends and associates.
Why do hackers hack?
- To a hacker, breaking into someone’s computer is simply a challenge. They may not specifically intend to do damage to the computer. The thrill of simply gaining access is often enough. Hackers often try to show off their skills to the world by hacking into government computers, or as revenge against another user or agency.
Hackers are indeed as the stereotype depicts them as; young males with a thirst for knowledge. Despite rumours, all hackers do not wear nerdy glasses.
What damage can a hacker do?
- This depends upon what backdoor program(s) are hiding on your PC. Different programs can do different amounts of damage. However, most allow a hacker to
smuggle another program onto your PC. This means that if a hacker can't do something using the backdoor program, he can easily put something else onto your
computer that can. Hackers can see everything you are doing, and can access any file on your disk.
Hackers can write new files, delete files, edit files, and do
practically anything to a file that could be done to a file.
A hacker could install several programs on to your system without your knowledge. Such programs could also be used to steal personal information such as passwords and credit card information. Some backdoor programs even allow a hacker to listen in on your
conversations using your computer's microphone if one is attached!
Types of hackers
Hackers often can be characterized by their motives. The following are the
more common types of hackers and the motives they cite:
- Pranksters:
These hackers are the mischief-makers of the
bunch whose intention is merely to be a nuisance. They are
the equivalent of individuals who pull fire alarms or make
phony bomb threats. Copycat hackers would also fall into this
category.
- Fame seekers: This group hacks seeking attention or
notoriety. Using a code name, these individuals target
high-profile sites such as Yahoo!, eBay, or NASA to achieve
bragging rights among their peers.
- Educational: Students justify hacking into systems by saying
that they are honing their programming skills.
- Criminals: When bank robber Willie Sutton was asked why he
robbed banks, he replied: "That’s where the money is."
Stored data or "data at rest" is more profitable to steal than
data moving over the Internet. Why steal one credit card
number at a time when you can steal tens of thousands to
millions with one break-in? This happened to CDUniverse
and RealNames. Pacific Bell had to have more than 60,000
customers change their passwords after hackers stole them.
What constitutes hacking?
-
Computer fraud is the legal term for a large part ofwhat most consider hacking.
Another form of hacking is the illegal seizure and unathorized use of credit
card numbers.
Cases that have helped to shape the law
-
Kevin Mitnick was arrested
for stealing credit card numbers and for gaining illegal entry into numerous
systems via the internet.
-
Arrested at 1:30 a.m., February 15, 1995, in Raleigh, N.C.
-
Eluded the F.B.I. for three years.
-
He was charged with everything from the theft of more than 20,000 credit
card numbers to the illegal entry into numerous computer networks. Oddly enough, the court could not prove that Mitnick ever
actually used any of the stolen credit card numbers.
-
He was caught by
Tsutomu
Shimomura, a computer security expert and senior research fellow at
the San Diego Supercomputer Center.
-
Lots of ethical questions are raised by the financial fallout of Mitnick's
demise.
-
Mitnick undoubtedly violated the law by illegally acquiring those credit
card numbers.
-
Was the method of his capture legal, though? They captured Mitnick
using wiretaps, and by "hunting" him down on the internet. Tsutomu even
admits to "baiting" Mitnick with tempting software in a few instances to
draw h im out into the open.
-
Could this be considered entrapment? Mistrials have been called
for less.
-
Ed Cummings was the first
person in the United States to be imprisoned for possession of a red
box.
-
The charges
-
The grand jury charged that he "knowingly and with intent to defraud did
possess and have custody and control of a telecommunications instrument,
that had been modified and altered to obtain unauthorized use of telecommunicatio
n services through the use of public telephones" on or about March 13 and
15 of 1995.
-
He was also charged with "being in possession of hardware and software
used for altering and modifying telecommunications instruments to obtain
unauthorized access to telecommunications service."
-
Is it ethical to sell the components, if someone can be jailed for amassing
them into one single object? Welcome to Radio Shack.
-
Where in the world could he have obtained information regarding
a
tone dialer?
-
He was sentenced to seven months in federal prison, but was released three
days later so that he could attend a hearing on whether or not he violated
his probation.
-
The violation in question was his supposed removal of batteries
from the tone-dialer when the police arrived.
-
The hearing was postponed many times, but finally took place on a day when
the weather was so bad his lawyer could not show up.
-
Was the judge ethically justified in discarding Cummings' right to a
fair trial?
-
The judge refused to let Cummings speak and said that he had definitely
violated probation, ordering him to be held on $250,000 bail, to be sentenced
within 60 days.
-
He was sentenced 6 to 24 months in prison plus a $3,000 fine.
-
Craig
Neidorf, an employee of Bellsouth, was arrested for distributing information
that was thought to have been illegally obtained from the comp any.
-
A pre-law student at the University
of Missouri and the editor of
Phrack
Magazine, was questioned first at home, then had his house searched, a
nd then was called in for questioning by the U.S. Attorney's Office in
Chicago in 1990 in which he complied willingly.
-
On February 1, 1990 Neidorf was indicted by a grand jury on six counts
including wire fraud, computer fraud, and transportation of stolen property
greater than $5,000.
-
The trial began on July 23, 1990 in Chicago's District Court for the Northern
District of Illinois, in which the prosecution withheld witnesses, one
Secret Service agent, a friend of Neidorf's and alleged co-conspirator,
and many of Ne idorf's fellow employees at Bellsouth.
-
He was found in possession of a file detailing an
enhanced
911 system belonging to Bellsouth
(regarded as hacking instructions), a T rojan Horse program, and an announcement
in his magazine regarding "The Phoenix Project" (an elite bulletin board),
which included a statement regarding the freedom of knowledge.
-
The articles were proven harmless. The Trojan Horse Login program belonged
to him and was never used. Finally, the
Phoenix Project was observed and regarded to be insignificant.
-
A mistrial was declared, but Neidorf was left with a $100,000 court bill.
-
Should the court be ethically obligated to compensate Neidorf for his
trouble?
-
Steve Jackson Games
-
On the morning of March 1, armed Secret Service agents and Austin police
occupied the offices of Steve Jackson Games and began a search for computer
equipment. The house of Loyd Blankenship, the writer of GURPS Cyberpunk,
was also rai ded.
-
Four computes, two laser printers, some loose hard disks, and a great deal
of assorted hardware were seized.
-
The only computers taken were those with GURPS Cyberpunk files. The agents
cut locks, forced footlockers, and tore up boxes in their frantic search.
-
It was supposed that GURPS
(a soon-to-become famous role-playing game) was to be "a handbook for computer
crime." The seized materials were ful l of references to futuristic equipment
that didn't exist.
-
The Secret Service kept one company hard disk, all Loyd's personal equipment
and files, and the printouts of GURPS Cyberpunk.
-
SJ Games survived the loss only by laying off half its employees.
-
SJ Games received a copy of the Secret Service warrant affidavit on October
21, 1990. The cause for the search was Games' remote association with Neidorf
and a few other main-stream computer elitists.
-
The case finally came to trial in early 1993.
-
The Secret Service lost, and S.
J. Games was awarded $50,000 in damages, plus over $250,000 in attorney's
fees.
-
Be sure to read the article closely. The law states that the Secret Service
did not violate any laws by reading any of the mail on the computers, as
opposed to anything sent through the United States Postal Service.
-
Should email be given the same status as actual mail? Should the
medium make a difference?
In Favor of Hacking
Keep in mind that the ethical debate for hacking stems entirely in the
definition of what it is to hack. Everyone realizes it is illegal to take
money from a bank via a computer without authorization, but it might not
be illegal to "hack" into a system if you do so because you are aware of
a security flaw and wish to bring it to the attention of the proper authorities
(without malicious intent).The following are sorted by their definitions
of hacker:
Advice on Protecting your PC
A skilled hacker will do whatever it takes to break into your computer. Just ask Microsoft. Even a giant software company is not completely safe. The company was hacked by a Trojan-horse program hidden inside an innocent-looking email attachment. The Trojan horse replicated itself throughout Microsoft's internal network and eventually emailed proprietary secrets back to the originator of the Trojan horse.
Follow these six steps to protect your computer from being hacked:
- Don't let other people onto your computer unless you really trust them. A great way to do this is to password-protect your computer.
- Don't ever open attachments. Avoid Trojan horses and viruses by following this rule. For more information, go here.
- Turn off file sharing if you don't need it. If a port scan is done on your computer, a hacker may find a back door to your machine and access your files.
- Use an antivirus program and keep it up to date. For more information, go here.
- If you have a constant Internet connection, use a firewall. For more information, go
here.
- Routinely update Windows software. This is extremely important. Updates fix many bugs and known
security holes within the Windows operating system.
PC protection links
Articles and News About Hacking and Hackers
|
|
|