Upload File

p65 0x0d the underground myth by anonymous

prev
next
out of 6
Download p65 0x0d the Underground Myth by Anonymous

Upload: abuadzkasalafy

Post on 06-Apr-2018

220 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • 8/3/2019 p65 0x0d the Underground Myth by Anonymous

    1/6

  • 8/3/2019 p65 0x0d the Underground Myth by Anonymous

    2/6

    The fact is that hackers, mostly on an individual basis, decided touse their passion as a source of income. Whether this is good, bad,or just pragmatic is completely irrelevant. Nearly all the hackers thatcould get jobs did. For the individuals that decision has been made (forbetter or worse), and in general there's nothing that will change this.

    This was a hacker exodus. What really mattered was not the loss of anyindividuals, but the cumulative effect this had on the underground. Themore hackers that left the underground for a corporate life, the fewerthat came in. And those who stayed became entrenched, increasinglydisconnected.

    Collaboration in this new age of career hackers has all but ceased toexist. Individuals are now obsessed with credit. For their career, fortheir standing in the community, it must be absolutely clear who thisresearch, this vulnerability, or even this opinion belongs to.

    There is no trust in this corporate community; an underground issue

    greatly amplified by corporate motivations. A single person can go monthsor even years without telling anyone exactly what he is working on, andwhats more, will be genuinely worried about someone "publishing" theirresults before him. There is no respect for the information he holds,no belief that information should be free, no belief that research shouldbe open. All that matters is credit; all that matters is fame and money,their career.

    This is purely the fault of the security industry, who has exploitedand cultivated this culture, designed it for their needs. The truly sadthing is that the corporate security world hasn't realized that they aresitting on a gold mine, and as a result the mine is likely to collapse;and likely to take their industry down with it.

    The security industry uses information as its sole commodity, informationabout insecurity. Who has the information, and who doesn't is whatmakes this economy work. Whats more, the economy has been founded onthe continued output of a finite group of hackers. For the most part,founded on those hackers that came out of the underground scene at theirtechnical prime.

    But these hackers are not going to continue their productionindefinitely. They will lose their technical edge, move on to otherindustries, perhaps climb the ladder up to management, and thenretire. The question is, then what? Then it will be up to the new waveof young security professionals, whose motivation is as much financialas it is passion for the technology and the thrill of the hacking game.

    To imagine that these new wave office workers, university trained anddisinterested, can match the creative output of a genuine hacker islaughable. The industry will stagnate under these conditions. The rapidtechnical advancement we have seen will end, no more breakthroughs:no more new security products or services. Just the same old techniquesbeing rehashed again and again until the rock has been bled dry.

    I am trying to show you the symbiotic nature of the security industryand the hacking scene. Industry needs insecurity to survive, there isno doubt about this. A secure and stable Internet is not profitable for

    long. Hackers provided instability, change, chaos. So the industry becamea parasite on the hacking scene, devouring the talent pool without givinganything back, not thinking of what will happen when there are no more

  • 8/3/2019 p65 0x0d the Underground Myth by Anonymous

    3/6

    hackers to consume.

    For this reason, the security industry, much like the hacker underground,is doomed, perhaps even destined for failure. But for now, all thatmatters is that we have a thriving industry and...

    A hacker underground proclaimed to be dead.

    --------------------Black Hat, Two Faces--------------------

    It would be easy to lay the blame squarely on the shoulders of thesecurity industry. A lot of people have. Unfortunately, its not thatsimple. Perhaps the underground could have survived without the lure ofa six figure job, but one thing should be made clear. The self-proclaimedblack hat movement does nothing to help.

    Various black hat groups have claimed to be the voice of the underground,

    but the black hat scene was only ever a pale imitation of the actualunderground. The underground wasn't at all interested in publicself-aggrandizement, but this is all the black hats ever did. All thattheir various rants and escapades accomplished was to show how desperatethey actually were for fame and recognition.

    But whats worse, while they often talk a big game, they very rarely havethe pedigree to back it up. This is mostly because these self-proclaimedblack hats are really just as self-serving as the white hats they pretendto detest. With few exceptions, those black hats that aren't alreadyworking in the security industry are those that don't have the skillsto cut it.

    The entire anti-security theme was simply embarrassing. This was just theblack hat movement admitting that they couldn't step up and representin an increasingly technical world. Where once hacking skill commandedrespect, now the black hats were promoting misinformation in order tomake what few hacks they managed to pull off easier. They couldn't stepup to a challenge, they couldn't outsmart the white hats they so detest.

    This ineptitude and misguided fervor of the black hat scene had amassive negative impact on the hacking underground. The true voice ofthe underground was lost behind the noise and drama, until the voicebecame a whisper.

    And then eventually fell silent.

    ----------Technology----------

    The very nature of technology, a dynamic and intractable force, had a lotto say in the demise of the hacking world. In many cases, if a black hathad been active 5 or 10 years earlier they would have been technicallycompetent and may well have contributed significantly. This is becausewith the utmost respect, and despite all the nostalgia, hackers of thepast had it easy.

    In the early years, the problems hackers faced were largely related to theavailability of information. Isolated groups of people had their tricksand techniques, and sharing this information was problematic. This is

  • 8/3/2019 p65 0x0d the Underground Myth by Anonymous

    4/6

    in direct contrast with the situation today, where there is an excessof information but a void of quality.

    As a result of many differing factors, the world is becoming aware of thethreats posed by lax security. When there is money at risk, steps willbe taken to protect those assets. We see now an increasing move towardstechnical security mechanisms being employed as part of a defense in

    depth strategy, and as a result, to be a hacker today requires immensetechnical ability in a broad range of disciplines. It takes years ofindividual study to reach this level.

    But unfortunately, fewer and fewer people are willing, or indeed capableof following this path, of pursuing that ever-unattainable goal oftechnical perfection. Instead, the current trend is to pursue the lowestcommon denominator, to do the least amount of work to gain the most fame,respect or money.

    There has also been an increasingly narrow range in what is published. Inpart this is because of the lack of accessibility of certain systems

    (through obscurity or price), but this is also increasingly dictated byfashion. In a desire to fit in with the community, to be accepted into conferences, to be seen doing the right things in the right placeswith the right people, researchers are all too happy to slot in to thispattern of predictable and narrow progress.

    And even then, the standards of what makes acceptable research, or forwhat makes a vulnerability interesting, drops with every year. The gapbetween offensive research and defensive implementations continues togrow, to the point where public vulnerability research has become aparody of what it once was, a type of inside joke.

    There is no creativity, no sense of arcana anymore.

    ---------Criminals---------

    From Operation Sundevil to cyber terrorism. The criminalization ofcomputer hacking and, by association, computer hackers had a devastatingimpact on the underground. Hacking was criminalized in two ways, bothof near equal importance: by legislation of computer crimes, and by thenew trend of genuine criminals using hacking as a method for fraud.

    There should be a clear separation between these two things. The factthat the underground collectively became criminals under the law forwhat they had been doing for, in some cases, decades. And the fact thatin public perception, even among professionals that should know better,there was very little distinction between a genuine hacker and thosecriminals using hacking purely as a method for profit.

    Indeed, little of what organized crime and terrorist/activist groupsare doing could justifiably be labeled hacking. It is simply convenientto make this simplification, in media and in industry. The securityindustry knows the difference, but they have no economic interest inthere being any clarity on this point. Any sort of hacking, anythingthey can sensationalize enough to scare their profit margin up suitsthem perfectly.

    For the underground, these issues largely affected individuals, not thebroader structure of things. Each person had to make a personal decision

  • 8/3/2019 p65 0x0d the Underground Myth by Anonymous

    5/6

    on whether it was worth 1) being seen as a criminal under the law and2) being seen as a criminal in public perception. Why should the hackerface this when such an easy, safe, respectable alternative is availablein the security industry?

    Even the term black hat has been twisted into something more closelyaligned to organized crime. For all their faults, black hats were not

    (in theory) motivated by this type of money.

    It comes down to an aging hacking population deciding, on an individualbasis, to settle down with their families, their material possessions,their careers. No one can argue that there is anything wrong with this. Itis just a fact that these hackers left the scene behind.

    Leaving a void too large to be filled.

    ---------------Forgotten Youth---------------

    The forgotten aspect of this whole story is, without doubt, the importanceof new talent entering the world of hacking. Historically, hacking hasbelonged to the young. With every passing year, the average age of hackerscollectively increases. Some would claim this is a sign of a maturingdiscipline. For surely, what could youth possibly contribute in thistechnological landscape? They call them kids, dismiss them as irrelevant.

    Despite all of the issues facing the underground, if hackers had managedto get this one aspect right, if they had recognized the importanceof those who would come after them, if they had given them somethingto aspire to be, if they had directly or indirectly taught them theaccumulated wisdom that so often separates a hacker from the crowd;

    then perhaps there still would be a hacker underground.

    Nearly all of the situations surrounding the disestablishment of theunderground were circumstantial, there was nobody to blame, and nothingthat could be done. But one point for which this was not true was theunderground's obligations to young hackers. An entire generation oftalented hackers have lost the opportunity to become a part of somethingbigger than themselves by participating in a functioning hackingcommunity, simply because hackers were too self-absorbed to notice.

    The decline of the underground scene happened relatively quickly, andalso relatively quietly. The hacker who left the underground behindfor his new life was unlikely to justify or explain his choices. Infact it was more likely he would deny being changed at all. It's likelyhe'd even continue to have contact with his fellow ex-hackers, in someimitation of the underground scene. This only helped to obscure whatwas actually happening.

    Today's youth, for the most part, have no true understanding of hackersor hacking. They have no knowledge of the history, no knowledge thata history even exists. Their hacker is the media's hacker, the cyberterrorist, the Russian mafia. This is unfortunate, but the real troublebegins for those few that somehow become interested enough to look abit deeper.

    The average person requires some form of role model, something to aspireto, to imitate and to an extent, to idolize. At this time, the onlyvisible efforts were the white hat researchers, the black hat horde or

  • 8/3/2019 p65 0x0d the Underground Myth by Anonymous

    6/6

    various other technically inept self-proclaimed 'experts'. There is solittle inspiring research, and even less inspiring hacking, that anyonenew to the world of hacking is almost invariably left with a skewedimpression of things.

    Indeed, for a lot of the young people that managed to acquire thenecessary technical base, hacking was seen as simply an interesting career

    path. There is no passion in these people, no motivation to extend andcreate. A competent professional, valued employee.

    But no longer a hacker.

    ----------------The Forward Link----------------

    The hacker underground has been systematically dismantled, a victim ofcircumstance. There was no reason for this, no conspiracy, no winner. Aconquered people, but with no conqueror, no enemy to fight. No chance

    of rebellion. Conquered by circumstance, if not fate.

    At first this would seem to be a bleak message. What is the point ofeven trying anymore? Why practice a dead art? But the truth is that theart is not dead, just the circle that brought the artists together. Thehacker underground is broken, but the hackers are not.

    Casualties have been high; but there still exists a scattered,marginalized, and misrepresented people who are the hackers. Hackers,not black hat nor white, not professionals, not amateurs (surely noneof this matters), are still out there in this world today, still withall the potential to be something great.

    The question is not then how to artificially group these people into anew underground movement. The question is not how to mourn the passing ofthe golden days, how to keep the memories alive. There are no questionsof this sort, no problems that can be solved or corrected by individualaction.

    All that remains is to relax, to do what you enjoy doing; to hack purelyfor the enjoyment of doing so. The rest will come naturally, a newscene, with its own traditions, culture and history. A new underground,organically formed over time, just like the first, out of the hacker'snatural inclination to share and explore.

    It will take time, and there will be difficulties. Some will not be ableto let go of the past, and some will fail for not remembering it. Butin the end, after everything has been said and done, the equilibriumwill be restored.

    A new world, at the frontier of cyberspace, belonging to the hackersby right.


Lundiana 10-1.p65

TVS Motor Company Wrap2011.p65

Ev2 manual iss 3.p65

p65-66 kma · Title: p65-66_kma Created Date: 5/27/2017 3:53:03 AM

MBAxlch15.p65 - nailah

Manual Para Laney Prism p65

Nagreeka Exports (BS-2014-2015).p65

Insulation Floors P65 76

Hematologic Pathology p65-87

MVS Apr 2003.p65

MTR-80L REV8.p65

Section 10.p65

Swapping the Byte Order in a Siemens PLC or Allen-Bradley ... · c. HIGH/LOW Order Mode, which is Byte Swap, will swap from Source 0x0A 0x0B 0x0C 0x0D to Dest 0x0B 0x0A 0x0D 0x0C

Catalog front section7.p65

24.24M Manual Rev 3.p65

Engineering Physics-01.p65

Elpro International 2015.p65

User Guide P65 1.0 HI-Res

KUNL JAN-2014 (FINAL).p65

Balance Sheet 2011.p65

Derivatives Digest-20-07-07.p65

Allama Iqbal (1-61).p65

Chapter 1.p65

WizFi250 Programmer's Guide - GitHub Pages · and 'Enter Key' which should be CR(0x0d), but nether CRLF(0x0d, 0x0a) nor LF(0x0a). Some parameters are mandatory and the others are

Canaries Carp.IC07.p65

Voltas Main 2004.p65

cwiq broch 2.p65 forpdf

Pulicat Lake Bulletin6.p65

April-June News Letter- 2015.p65

Siemens SL-1.p65

Page 1 and 2.p65

D8 V4 User rev5.p65

BDS Section 3.p65

27-Meldrum (NA Hominoid).p65

Laney p65 manual