Random Thoughts - Second Edition

[Corlagon]

I guess I'll be hanging around here for a while, since I won't be going anywhere near HC until the hacker attack comes to an end (especially without any firewalls)

[winterfate]

@Pol: S'ok.

@Corlagon: Hacker attack? What hacker attack?

@Asheera: I saw you made a birthday thread over at HC. You copied my final line too...

[Veldrynus]

@Vel
Oh, well and what is sex without a love? I sought for hearing your definition...

Just sex! Oh, yeah...

[Chai26]

@Vel
Oh, well and what is sex without a love? I sought for hearing your definition...

Just sex! Oh, yeah...

chill vel, your still young, plenty of years to go until ur expiration...

[Muszka]

Thanks Ash.

[Asheera]

I saw you made a birthday thread over at HC. You copied my final line too...

I know I hope you don't mind.

[Zamolxis]

A Hacker is more of a generic term, hackers can be both good or bad, freely interpreted like men in white and black hats. (However everyone know that best men wear red hats.)

Cracker is almost always evil. Exclusively devoted to some evil intention for whom he is undergoing martyrdom to crack inside, damage and leave. Not to report any vulnerability issue, fill sec bulletin record but almost every time for his own malicious reasons - which is mostly profit (or spoiled childhood, ya know).

For example Malik from SS2 could serve as a nice example of such vicious mind limited brat.

Wow. That's quite the opposite of how I used to see it.

Cracker for me was somebody who was able to crack the protection of a software program. Unless they were trying to make a business out of their cracks, they were the good guys for me. 8-9 years ago, when my father was earning 100 bucks a month and I was earning squat, it took me 2 full years to save the money to buy my first PC. Now imagine I would have had to starve for 1 more year, and keep that PC as home decoration, only to be able to save the money for a copy of Windows and other necessary programs. So of course back then my attitude was "thank God for crackers!" otherwise I would have never managed to learn about computers (or too late). Without crackers I would have specialized myself in something else, probably less profitable (as nowadays you're socially & professionally handicapped w/o computer knowledge) and I wouldn't have had today a full shelf of legal software & games: from Windows & Office to Total Commande and from AoE1 to Civ4 (and soon KB:TL;)).

Hacker on the other hand was almost always evil. It was the guy not only able to break a protection of a program on his own PC, but able to break the protection on any other PC - thus including mine - and then do whatever he wanted with my machine. I did have respect for them, and I knew there are good guys among them, but at the end of the day - while towards crackers I had gratitude - towards hackers I more had a bit of a fear. I was hoping I never p*ss one off one day (as I knew a couple, even among my neighbors) or I don't become just accidentally the victim of one.

[Borsuc]

What is a Hacker?

The Jargon File contains a bunch of definitions of the term ‘hacker’, most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant.

There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers run Usenet. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.

The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term ‘hacker’.

There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.

The basic difference is this: hackers build things, crackers break them.

If you want to be a hacker, keep reading. If you want to be a cracker, go read the alt.2600 newsgroup and get ready to do five to ten in the slammer after finding out you aren't as smart as you think you are. And that's all I'm going to say about crackers.

[Zamolxis]

Yep... Totally different perspective then how I used to see it. Thanks for the link.

[Asheera]

Interesting Borsuc

[Borsuc]

no problem

[darknessfood]

Meanwhile, this dude is drinking beer, visiting the forum, and writing stuff for MMX. Really busy !

[Angelspit]

Is the HC safe now (I'm on my work PC so I can't take the risk to check it out myself)? Otherwise I'll open a separate thread to warn people.

[Corribus]

Yes, it appears to be safe now (if the "warning" thread is any indication). I'm also not getting any warnings from my antivirus software when I go there now.

[darknessfood]

Well, of to work for me. See you guys later !

[Asheera]

@Angelspit: I think it got fixed.

I hope this 'hack' won't happen again.

[Milla aka. the Slayer]

What was it exactly? Does anyone know?

[Asheera]

Well I guess the admin knows best, so here is his quote:

Someone or some bot managed to get root access to the AOH/HC server and executed a hack that added a script into some files of AOH and HC. When a page with this script is viewed, it opens the PDF file on the chinese domain. The opening of this file (which happens in the background) may cause a trojan or virus to get into the user's computer.

From searching on the internet, it seems that other server admins who experience this problem also have their servers hosted by LayeredTech, as AOH/HC server is. I suspect that these server intrusions are somehow connected to security flaws in LayeredTech infrastructure. The root password was secure and not known to anyone other than myself, so I do not know how the attacker managed to get root access to the server.

I will be cleaning up the file edits done by the hack. But as it is currently unclear how the attack happened, it is similarly unclear whether it can happen again. Let's hope something comes from LayeredTech in this discussion.

[Angelspit]

You forgot the part where he apologizes for the inconvenience.

Oh, wait...

[Zamolxis]

(AS, let's not jump to conclusions... could be the hacker again) :p