The views and contents of the following article are solely the author’s. Fair use of Trademakrs has been used in this article, but it is not for the purpose of describing or identifying the products or services of any property right owner. This article and its contents are not sponsored or endorsed by the propitiators of various property right owners.
The following is portion from Taufeeq Elahi’s upcoming book on hacking philosophy, its effects, portrayal and the subculture.
Apart from media, printed press has played a very important role in the misportrayal of hacker subculture. There have been lots of book out by several authors who claim to know much about hackers. One of the greatest titles of our time is “An unofficial guide to Ethical Hacking” by Delhi native young lad, Ankit Fadia. I had both heard and read about him until I finally got hold of his book published by Macmillan. This book claimed quite a bit of green stuff as well as fame for him in the international market. As this book seems to be the representative of Ethical Hackers and how they work, and has been propagated throughout the world, leaving its marks on millions of minds, I would like to comment on it.
The book starts with New York Times’ press release saying:
Scared of hackers? Indian teenager offers help. (The New York Times)
The New York Times questions the readers if they are scared of ‘hackers’ and that an Indian lad is there to offer help. New York Times seems to be confused about what actually a hacker is. If they knew the real meaning of a hacker, they would have never used the word ‘hacker’, instead they would use ‘cracker’. This is of course nothing new that the media and the press confusion two very distinct entities together.
Ankit is a young computer genius who seems to be looking at the world of hacking with his own prospective. He seems to understand the difference between a hacker and a cracker in the opening of his book, and also seems to know that the media never portrays a ‘hacker’ in the right way. He understands that the media is responsible for the exploitation of real hackers.
Here is the definition of hacker by Ankit Fadia.
“…by using their knowledge in a constructive manner they help organizations to secure documents and company secrets, help the government to protect national documents of strategic importance…”
For him, it seems that hackers are kind of people ‘employed’ by big corporations and then use their knowledge about computers to save important information on critical server machines, and especially ‘company secrets’ as he calls it. Where as in reality, hackers break open the secrets and codes of corporations that they use to confine information and truth, the trade secrets by which they exploit the end users. But our Indian lad seems to have an idea that hackers are CEO’s bodyguards. Hacker community has never supported any big corporations like Microsoft, AOL, Yahoo!, Google and even hardware manufacturers like AT&T and Cisco that deliberately turn data, filter information, spy on your systems and breach your privacy.
Fadia bitterly fails to realize the actual status of a true hacker.
For me, I consider him as yet another security guru. A person with adequate knowledge of digital systems. He’s just like a person who has done a computer security certification …say a Cisco Certified Security Professional. He is a person fighting against computer crime, and working for the mainstream society. This is indicated by his statement that :
“A cracker gains popularity only amongst a small part of the population that is the underground world. An ethical hacker, however gains popularity amongst a large section of society, and believe me, a hacker who is popular among the normal people is also envied and respected by crackers.”
He seems to be delighted by the fame and respect he is getting from the mainstream society, and for the most of all, he mentions ‘normal people’ in the above text. This means that he considers all others involved in the computer underworld as abnormal people. Here my concern or point is not to prove who is normal and who is abnormal, but the point that he thinks that an ethical hacker exists in ‘normal’ people… that is the mainstream society.
He seems to be inspired by people who have spent 18 hours a day in front of their computer screens and amassed billions. He writes:
“…let me give you a living example which will surely point you in the right direction and help you choose between a cracker and a hacker.”
And then continues to admire Bill Gates who he thinks was a true hacker when he young. Then he continues :
“However, they were wise and are today in a position which most of us dream to be in.”
Well, again it seems that he loves the knowledge of computers because it can buy you a CEO’s chair, fame and a few billion dollars. For me this is a horrible description of ‘hacker’ or their code of conduct. I, till this day have never heard or read anything like this in any of hacker related books or in a hackers code of conduct – that too for an “Ethical Hacker”, as he names his book after that.
He insists that :
“…I assure you, you will definitely become famous and would probably be sitting on a pot of gold.”
Hackers would never spoil their mind and eyesight in front of a computer screen if it was just about money and fame. Doing any business can get you more money then writing a lousy assembly code. His hero seems to be Bill Gate for he is a rich man today and seems to be less concerned with the buggy operation systems Microsoft releases in the market. Surprisingly, he himself says that :
“…you know why a hacker running windows is considered to be lame and why a hacker laughs whenever someone says Microsoft and security in the same sentence.”
Microsoft did no good to the computer industry, except providing a better graphical user interface that was easy to use. He himself declares that Microsoft and its operating systems are sick and lame, but throughout his book, he continues to present screen shots of the same buggy operating system, and on the last page he proudly displays his “Most valuable Professional” certificate by Microsoft that writes ‘Microsoft’ and ‘Security’ in the same line!
I do not see the basic concepts of “Ethical Hacking” anywhere in his work. There is not a single line that would talk about free-and-open information. Hacking, and its all concepts are about free and open information, freedom to change, modify, and release. The concept that information should be total, unedited, unmodified for any personal benefit, and that it should be available to all and for free. But I do not see anything of this sort anywhere in his work on ‘ethical hacking’. The following sentence creates the base line for he hacker-subculture.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin
He does not in any way understand that hacking is NOT a few techniques that he presents in his book but a tradition, and a full-fledged sub-culture. That has its own code of conduct, rules, and norms. He is a lad with computer knowledge working in the head office of Symantec Corporation and talks about a completely different world. A world in which he has never lived and never felt.
It is like a person who has never been out of his hometown as talks about the surface of mars and speculates great things about it. Respected newspapers like the Times of India call him the “Ethical Hacker”, without knowing anything about this subject and Mr.Fadia also seems to accept it with a big smile. If he is a hacker then any computer security professional can come forward and call himself the savior of the world and an ethical hacker because he can block a few ports on a Cisco router.
At 18, Ankit Fadia is not just a super hacker but also a respected expert. (Indian Express)
Everyone including I appreciate that he knows a lot about computers at a young age, but there is a world of genius people out there. According to the hacker ethics, age does not matter, as this fact is supported by the stats that I have provided in my work about the average ages of the members of the sub-culture. It clearly indicates that most of the members are young boys, so age really does not impress me at all. The only difference that I see is a person making his appearance from the mainstream society with the help of India’s biggest publisher.
“Hacking his way to fame”, its what Times of India writes.
In an other place he writes that :
“If this is not done soon then the crackers will get way ahead in the security race.”
He does not even understand that elements working against security are always one step ahead of the security systems and that’s why all security companies exist today.
Now moving towards the contents of the book. The book does not tell you what “Ethical Hacking” is, but tells you the basic construct of operating systems, protocols and other basic stuff.
“…security is a very dynamic field, with new loopholes, attacks and techniques being discovered every single day. This makes it very important for us to keep abreast with the latest development in the world of ethical hacking. Keeping this in mind, I decided to update this book to include the latest tools, techniques and methods.”
Definitely, he is right and if he continues to update his book, he will be releasing new editions of it every week. There is actually no point in the whole content of the book. Tips and techniques is something that quickly gets outdated. I do not see any big problem in connecting to the astalavista network on the Internet and finding new tools, exploits and techniques about everything you need. That too that has been released that very day. Instead Mr.Fadia presents his Tips and Tricks on “Windoze 95” and “Windoze 98”. Computer exploits become almost useless in a few days after their release, and he on the other hand presents facts that were good 12 years ago!
His best seller starts with telling the reader how to remove computer lithium battery from the CPU to get rid of your BIOS password. Under the title of “Windows Hacking” he tells us the ways to change the startup logo that reads as “Windows 95 is starting”. Then he tells us how to go to options in the Internet explorer and clear the history. Finally he tells us how to name your start button Ankit instead of Start, a few more tweaks in windows, changes to desktop settings, screen savers and all the useless items windows has to offer. In this chapter on “Windows Hacking” one practically learns how to make this funny operating system even funnier. I do not see how changing your screen saver settings can make you an “Ethical Hacker”.
In the next chapters he introduces telnet, IP, ports, sockets, ping, ftp, port 80, port scanner and ways to remove banners from geocities free hosting! To make the volume fatter, he includes codes in Pearl, C++ and Java on scores of pages. I do not see any reason why a person should type a 50-page code again with his keyboard when everything you need in whatever language you want is available on websites like planetsourcecode.com that ranges from DB softwares to viruses. One can even download a free copy of Mark Ludwig’s book “A little black book of computer viruses” that contains hundreds of examples of virus codes, their concepts, development and deployment. It is therefore not amazing that he has written a 600-page book because more than half of it is other people’s C++ and Java codes. Hackers think that the wheel must not be reinvented but he does not seem to agree. He gives you the code for a port scanner, as if no good port scanner was available on the Internet.
I have no idea how agencies like digit can give such comments:
This book is aimed at providing you all the info you even wanted about hacking and how hackers work, but didn’t know where to look. The book looks at topics such as Hacking Windows, Cracking Passwords, Hacking Concepts and a whole lot more. (Digit)
And then Fabmart writing :
Whao ! This book is a 610 page encyclopedia of information on computer security. (Fabmart)
I, being a person who hardly remembers the last time I booted my system on Windoze see the contents as total bogus. In the beginning of my book, I wrote that ‘I will not teach you how to hack, but how to be ac hacker’. Where as this Stanford Business Management student seems to promote the idea that “Its important to hack than to be a hacker”.
If you think you can become a ‘hacker’ by reading a book full of tips and techniques, its just fine. But believe me, you will be like a person who knows how to do 2+2, and calls himself a mathematician! Or maybe an “Ethical Mathematician”!!!