Hacking and Enlightenment: Ed and Me on hacking

This is my conversation with ED on my misuse of the word hacker on one of my website:

Whoa, whoa, ED…

I think my wording has completely miss led you.  Here is my feeling about hackers:

About Defcon13 and Hackers vs. “Security Pros”:
http://elamb.blogharbor.com/blog/_archives/2005/6/2/904009.html#302474

My discussion with Martin about hackers:
http://www.mckeay.net/secure/archives/000450.html

My thoughts on hacking and the non believers (at the bottom by Sun Tzu):
http://elamb.blogharbor.com/hacked/igothacked.htm

Dude, I love hackers.  I'd like to consider myself a hacker.. but I
don't feel worthy.  I've got the passion but I don't have the gift. 
I've already been to the Oracle (bad matrix joke).

Perhaps I should reword that article.  I believe in taking the
concept of hacking back to its original roots before it was hijacked by
the media.  I DO NOT want to contribute to that dogma.

The Phisher
used a combination of mail fraud and manipulated email and even set up
a server.  He probably got tons of money and merchandise from ebay
customers. 

Like computer and/or telecommunication devices, I beleive ANY system
can be hacked.. email systems, smoke alarms in Delta air planes, bar
code readers, RFID's, FEDEX, all can be reprogrammed, streamlined,
reverse engineered,  exploited and manipulated for good or for evil
purposes. 

For me, that is what makes hacking so cool.  A true “hack” is done upon
gaining a new understanding of a given system.  Of course, some hacks
are discovered completely by accident, but the hacks that are done out
of understanding, is like a form of enlightenment. 

Check it out… Buddha hacked the Universe… (o.k. too much weed).
 
 

On 6/13/05, ed <XXX@XXX.com> wrote:

hey rob,

this incident has absolutely nothing to do with hackers.  it's called “mail
fraud” and “wire fraud”.  what computer or telecommunications system was
“hacked” here?

please
call a spade a spade: the vast majority of hackers are not
thieves.  sure, a few are–but that's like calling all car
drivers “bank getaway car drivers.”

you're not helping to solve
the problem by blaming the wrong group of people.  you should
be blaming criminals, not hackers–who have nothing to do with your
unfortunate experience.

thanks,

-ed

From: ME
Subject: Phisherprice: Phishing on Ebay During the Holidays
Date: 8 May 2005 16:13:28 -0700

A
hacker tried to get a free phone using a phishing technique that I had
never heard of.  The phisher used a Western Union Auction
Money order form (a fake number) and actually sent me the fedex lable
and had
fedex come to my house to pick up the phone.  Even though I didn't have the cash for the phone yet.

The Phishing exploit relies on the buyers greed and the feverish haste of holiday spending.

Here is the phishing exploit in detail:
http://elamb.blogharbor.com/hacked/phisherprice.htm

rob
http://elamb.org

Ready to actually get the RMF/ISSO job?

Go from reading about the Risk Management Framework to doing it — with the full video course, the books, and a community of GRC professionals taught by Bruce Brown (CISSP, CGRC).

Get the RMF ISSO Foundations course → Browse the RMF & GRC books Join the free GRC community

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *