undefined | Better HN

0 pointsJackFr3y ago0 comments

In the grand scheme of things, what he did is hardly the end of the world.

And yet, it still doesn't sit quite right with me. I suppose its because there doesn't seem to be the slightest hint in the writing that credit card fraud is wrong, or that it's even something you shouldn't do. I looked for it.

And to add to that, what he did wasn't 'a hack', it wasn't particularly clever. It was just theft of services and a lot of lying because he didn't have something he wanted.

I think if he would describe it as a youthful indiscretion or something similar it would go a long way.

0 comments

crmd3y ago

In the hacker ethos, gaining access to systems is in no way unethical or deserving of remorse. The hack in this case was (1) exploiting the ISP’s delayed batch processing of credit card orders, and (2) circumventing their deny list of callback phone numbers.

For the same reason you’ll rarely see urbex photographers expressing remorse for trespassing. Getting onto skyscraper roofs and into steam tunnels is just what you do.

Related - I went to college in the late 90s, at the end of this era, where there was a constant game of cat and mouse between the University unix and network admins and the hacker kids. Yes it was technically felonies all night long, but there was legitimate mutual respect for technical skills on both sides and following the unwritten rules of not causing data loss or disrupting services. This is how I learned the skills to start my career, and probably how they learned themselves back when they were students. For them to rat out a student was kind of unsportsmanlike. It would be admitting they weren’t good at their jobs.

I’m told this hacker culture no longer exists at my Uni. If you get caught escalating privileges on a computer you’d be facing expulsion and referral to the police.

kshacker3y ago

> I’m told this hacker culture no longer exists at my Uni. If you get caught escalating privileges on a computer you’d be facing expulsion and referral to the police.

it has a reason. We did not have our life story at our fingertips in those days. Even if the university computers may not have sensitive information but they could be hijacked to be part of bot net or just mint bitcoins. They stakes are much higher. I am not at a uni so don't know the reality but I can understand if they are doing it.

unityByFreedom3y ago

> there doesn't seem to be the slightest hint in the writing that credit card fraud is wrong, or that it's even something you shouldn't do. I looked for it.

It's there,

> I also don’t want her calling up an ISP and convincing them to make an account for her - I’m not quite ready to reap what I sow.

That point did make it come across as "youthful indescretion" to me.

> what he did wasn't 'a hack', it wasn't particularly clever. It was just theft of services and a lot of lying because he didn't have something he wanted.

Who says a hack needs to be clever? And what is clever? Bug fixes are often something very simple that can take a long time to discover. I'd put hacks into the same category.

Again, I think demonizing confessions like this can cause more trouble. Just because we don't talk about mischievousness doesn't mean it isn't out there.

more_corn3y ago

Sure, but imagine a kid 16, reading 2600, figuring things out. Trying to get access to the best tool for figuring things out. I think a lot of people transgressed at that age. I, for one, benefitted from being granted a bit of leeway. My transgressions actually taught me to not WANT to break the law which I think is better than just not breaking the law because that’s what’s expected and one has never considered the alternative.

spacedcowboy3y ago

I wrote my first ever (and last) virus for the Archimedes...

Some history: Waaay back in the mists of time (1988) I was a 1st-year undergrad in Physics. Together with a couple of friends, I wrote a virus, just to see if we could (having read through the Advanced User Guide and the Econet System User Guide), then let it loose on just one of the networked archimedes machines in the year-1 lab.

I guess I should say that the virus was completely harmless, it just prepended 'Copyright (c) 1988 The Virus' to the start of directory listings. It was written for Acorn Archimedes (the lab hadn't got onto PC's by this time, and the Acorn range had loads of ports, which physics labs like :-) It spread like wildfire. People would come in, log into the network, and become infected because the last person to use their current computer was infected. It would then infect their account, so wherever they logged on in future would also infect the computer they were using then. A couple of hours later, and most of the lab was infected.

You have to remember that viruses in those days weren't really networked. They came on floppy disks for Atari ST's and Amiga's. I witnessed people logging onto the same computer "to see if they were infected too". Of course, the act of logging in would infect them... Of course "authority" was not amused. Actually they were seriously unamused, not that they caught us. They shut down the year-1,2,3 network and disinfected all the accounts on the network server by hand. Ouch.

There were basically 3 ways the virus could be activated: - Typing any 'star' command (eg: "* .", which gave you a directory listing. Sneaky, I thought, since the virus announced itself when you did a '* .' When you thought you'd beaten it, you'd do a '* .' to see if it was still there :-) - The events (keypress, network, disk etc.) all activated the virus if inactive, and also re-enabled the interrupts, if they had been disabled - The interrupts (NMI,VBI,..) all activated the virus if inactive, and also re-enabled the events, if they had been deactivated.

On activation, the virus would replicate itself to the current mass-storage media. This was to cause problems because we hadn't really counted on just how effective this would be. Within a few days of the virus being cleansed (and everyone settling back to normal), it suddenly made a re-appearance again, racing through the network once more within an hour or two. Someone had put the virus onto their floppy disk (by typing *. on the floppy when saving their work, rather than the network) and had then brought the disk back into college and re-infected the network.

If we thought authority was unamused last time, this time they held a meeting for the entire department, and calmly said the culprit when found would be expelled. Excrement and fans came to mind. Of course, they thought we'd just re-released it, but in fact it was just too successful for comfort...

Since we had "shot our bolt", owning up didn't seem like a good idea. The only solution we came up with was to write another (silent, this time :-) virus which would disable any copy of the old one, whilst hiding itself from the users. We built in a time-to-die of a couple of months, let it go, and prayed...

We had actually built in a kill-switch to the original virus, which would disable and remove it - we didn't want to be infected ourselves (at the start). Of course, it became a matter of self-preservation to be infected later on in the saga - 3 accounts unaccountably (pun intended :-) uninfected... It wasn't too hard to destroy the original by having the new virus "press" the key combination that deleted the old one.

So, everyone was happy. Infected with the counter-virus for a while, but happy. "Authority" thought they'd laid down the law, and been taken seriously (oh if they knew...) and we'd not been expelled. Everyone else lost their infections within a few months ... Anyway. I've never written anything remotely like a virus since [grin]

j / k navigate · click thread line to collapse