Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Ethics, Morals, and Hackers, oh my!?!

  1. #1
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177

    Red face Ethics, Morals, and Hackers, oh my!?!

    There have been more than a few posts lately discussing things ranging from Bastards are all Hackers to a discussion on some report from Symantec (oh, let's all hold our breath and pay attention) My opinion on some report and a buck fifty will get you a cup of coffee.

    Ok, sorry, that was a little blunt. I'm not attacking individuals here, but I AM singling out an attitude and manner of discussion lately that involves less of the proper intelligent debate and more of the fanboi bitch-n-moan-a-rama stance.

    Ethics is not an exact science. Neither are communications or human interactions. I had a lengthy discussion with someone recently because he felt I was belittling him for of a certification he holds. Here's the root of the issue:

    Original internal email that has been purged to protect the guilty, sent Friday the 17th
    Just some beer-30 musings from me on the Certified Ethical Hacker credential
    from the EC-Council. http://www.eccouncil.org/CEHFAQ.htm

    I have been considering testing for this fancy cert that means 'Trained
    Pentester', for quite some time now. I was curious what the internet
    consensus was on this cert, and found this blunt assessment from P.J.
    Connoly at InfoWorld. While I somewhat agree with his sentiment of 'real
    world experience is more valuable than certification', I also actually LIVE
    in that real world and recognize that experience with NO certifications
    makes you a MUCH harder sell to a client or employer. Experience must to be
    tempered on the anvil of certification. (catchy, eh?)

    But the point of this is his statement about the EC-Council's semantics,
    which follows:
    "But pretending to "certify" someone as ethical is
    downright dishonest. It's one thing to give a character
    reference to someone you know personally or
    professionally. It's another to claim they'll behave
    ethically under every conceivable situation."

    That really strikes home with me, being a former police officer and public
    servant who swore an oath to defend and uphold the Consitution of the United
    States, as well as the Laws, Charters, and Ordinances of my state and city,
    and to defend life and liberty within our borders.

    I'm not knocking anyone in our org who holds a CEH; personally, I'm a tad
    jealous that you could legitimately put the word 'hacker' on your biz card and
    smirk when your boss questions it. I'm still pondering if this certification of
    knowledge and skill is what I would want to present to a client. But I do have
    a problem with any business, non-profit or not, certifying others as 'ethical'.

    To paraphrase one of my favorite David Spade/Chris Farley movies, "If you
    want me to take a dump in a box and mark it guaranteed, I will. But for you
    and your customer's sake, ya might wanna think about buying a quality item.
    "

    http://www.infoworld.com/article/04/...cadvise_1.html

    zencoder, CISSP
    Senior Consultant
    Our Consulting Group
    This Big Ole Company, Inc.
    O: 555-1212 F: oh, like anyone uses paper fax anymore!
    So he got all offended that I was saying he is worthless because he took some (very hard...his words) test and I don't think he's worth a damn. He got all of those personal attacks from the body of the email above. I don't know how, but that is what he felt.

    "Hacker" is a word that is here to stay, and it will be (mis-)used by the press and individuals until it falls out of popular favor. What it means varies from who used it to what venue they uttered it in. How we use it to evoke a reaction from our audience will also vary.

    How we choose to interpret a symbol is of pivotal importance. The problems in this world are oft rooted in miscommunications and a failure to heed the needs of our opponent.

    Call yourself a hacker, a cracker, a fat-boy-slim macker. I don't care. I will try to recognize your perspective and position, and what your intent by using such symbols. In doing so I am bound to make mistakes, but I will *TRY*. But please recognize that I am one of many, many other individuals in this world who must also make an attempt to see your point of view...and most of them wont give a rats ass.

    One man's hacker is another's savior. And a thirds terrorist. And a fourth's holy warrior. Ethics is a slippery slope of perspective, definition, morals, and personal judgement. CopyRight can take over this discussion now, if you are interested in pursuing the philosophy of ethics.

    Intentions are not always obvious. Tools are not inherently 'evil' or 'good'. An attack may come from a compromised host, whose oblivious owner has nothing but good will for you.

    Let's be careful before we start using labels, and judging others based on labels. It does more harm than we realize.

    </tree hugging rant>
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  2. #2
    I hope that my post's inclusion doesn't mean you think I'm a fanboi of Firefox I like it, and use it pretty much exclusively, but I was just trying to point out my issues with the approach that Symantec took in making the comparison. As has been pointed out to me by yourself and another AntiOnline vet, I didn't really get that point across very well (what can I say, I'm still n00b-tastic).

    I agree though, people seem to be getting all caught up in semantics about what they are or aren't. Its silly :P
    \"The future stretches out before us, uncharted. Find the open road and look back with a sense of wonder. How pregnant this moment in time. How mysterious the path ahead. Now, step forward.\"
    Phillip Toshio Sudo, Zen Computer
    Have faith, but lock your door.

  3. #3
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by WolfRune
    I hope that my post's inclusion doesn't mean you think I'm a fanboi of Firefox I like it, and use it pretty much exclusively, but I was just trying to point out my issues with the approach that Symantec took in making the comparison. As has been pointed out to me by yourself and another AntiOnline vet, I didn't really get that point across very well (what can I say, I'm still n00b-tastic).

    I agree though, people seem to be getting all caught up in semantics about what they are or aren't. Its silly :P
    Hey, no, as I said I'm not attacking individuals here. It's an attitude thing that I see over and over, and no I'm NOT accusing you of having it...my comment about "lets go back to banging rocks together" was more in the devils-advocate vein than anything...and obviously it didn't go over that way...thus, I prove my point above. :P

    I can find many many many articles on the security of IE, windows, etc. And someone else could find as many, and more, for Linux, FreeBSD, etc. It's pointless. The key is that as a collective we don't act on the knowledge that the root of the problem is in default behavior, of the user, of the operating system, or the group. Without changing that default behavior, many of these problems will never really be solved. They'll be put off, bandaged, and grow back with bigger fangs.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  4. #4
    The key is that as a collective we don't act on the knowledge that the root of the problem is in default behavior, of the user, of the operating system, or the group.
    Absolutely! Though I think that the change needs to be even more fundamental than changing the behaviour of users - humanity needs to stop being selfish & malicious.

    But that's just my pipe dream. I think your method might be more workable
    \"The future stretches out before us, uncharted. Find the open road and look back with a sense of wonder. How pregnant this moment in time. How mysterious the path ahead. Now, step forward.\"
    Phillip Toshio Sudo, Zen Computer
    Have faith, but lock your door.

  5. #5
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi zencoder,

    Because you refered to it I will respond...maybe you missed the point of my side of the argument ( and maybe you didn't ) but...if you had read my posts the point I kept trying to get to was not ethics in regard to morality...but ethics in regard to property rights...I was not making a moral issue but an issue of general law...accepted social law...
    what a hacker is was a secondary issue that kept creeping up.

    I agree that ethics can seem to be a very gray area when it comes to morality...but morality wasn't even an issue at all...the issue I had was the excuses hackers use to justify violating another person's property rights.

    and the fact remains...if it's not yours...you don't have any rights to it.

    Eg

    As for the statement regarding the blind area of attack...I clarified that in my posts as well...that I was not talking about that...in my snake analogy...
    I was not talking about you putting a snake in the street ( accident or on purpose ) and it finding it's way into a home...I was specifically talking about the snake a person purposely puts in through a window.

  6. #6
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    Keep it coming, boys... I'm writing a 10-page essay on "ethical" hacking, it's due in 3 weeks, and I need some controversy!
    I've been wanting to include some Antionline thread in my bibliography, but I couldn't find anything worthwhile - make sure this one becomes worthwhile!

    Hello, Professor Rind!

  7. #7
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi Neg,

    You could write your essay on societal norms...do they apply to the internet?!

    For instance we have an accepted principle of ' societal law ' that states...no one has the right to take, use, or manipulate another person's property without their consent...

    I cannot enter your home, listen to your sterio, take your car, or relieve you of your use of your computer...without your approval...as it is recognized that these items are yours and not mine...

    so...by societal law...does a hacker, even one with good intentions, have the right to breach these norms?...does not societal law extend to the internet?...the computer is still in your home, it is still yours, how many rights are you willing to concede?

    If you liken your car as your computer and a highway as the internet...when you're sitting in your car at home going BBrrrrrrrOOOOOOmmmm BBrrrrrrrOOOOOOMmmmmm ( and we know you do ) you're not connected and you're fine...but as soon as you access that highway...do all of your rights still apply? Can I access your car and take control of it remotely...ethically?

    Eg

  8. #8
    Junior Member
    Join Date
    Mar 2005
    Posts
    25
    well, i have something to add. ethics is hard to be implemented, humans now have become more materialistic than ever(the future will be worse).do they teach you morality in school?sorry if in your country you are taught, but in my country they dont. but we should realize that in religion, morality and ethics are important, so if you are a good christian/moslem/jew/buddhist etc then you have ethics or self-conscience towards others rights.sorry for provoking the issue about religion..

    http://www.harunyahya.com/
    buat baik berpada-pada,buat jahat jangan sekali

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi Negative,

    Not sure if you saw this link I posted, deliberately for students:

    http://courses.cs.vt.edu/~cs3604/lib...n.Hacking.html

    Nicely written paper that goes back to MIT in the 1950's/60's.

    I thought that guys wanting to write on this subject might want to include a bit of the history?

    Back then "hacker" wasn't a "bad" word, and all of them were "ethical" to some degree.

    Cheers,

    Johnno


  10. #10
    Umm no... it was and still is very lame. Because you know its one thing to smoke pot but then its another thing to pretend your some "free thinking" and very hip, beatnik. Agian, I say people who toss the H-word around are just a bunch of self important *******s.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •