Hacker Defender Maker Defends Himself
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Hacker Defender Maker Defends Himself

  1. #1
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416

    Hacker Defender Maker Defends Himself

    People often ask me why I don't write security applications instead of rootkits. It is clear that I would have to prefer one of these applications, either rootkit or anti-rootkit. If it is rootkit, no one will use my anti-rootkit, so it would be a waste of time to implement anti-rootkit. If it is anti-rootkit, then again, no one will use the rootkit. I've decided for the rootkit way because it is more painful for so called security companies.
    Keeping security companies honest by finding holes is one thing, developing software used specifically for taking control of people's computers is quite another. Pretty sad excuse.

    http://www.emailbattles.com/archive/...aacejifdhf_ic/
    .

  2. #2
    Banned
    Join Date
    Apr 2003
    Posts
    1,146
    Well, just give me five minutes alone with holy_father and he'll be livin' up to his nickname. 'Course, that assumes he doesn't just piss his Depends and melt in fear first.

    I attended a recent security meeting and a Secret Service agent in charge of cyber crimes was our guest speaker. His experience is that 99 percent of these creeps are spineless wimps with no lives and no other socially redeeming qualities. He had photos. He walks into the house or apartment, and they pretty much are so scared they do everything he asks and just hand over everything. One dude actually burned the hacked data and kiddie porn to DVD for him while he waited, just 'cause he asked.

    Yeah, he said that most cyber criminals are also addicted to kiddie porn, and that is almost always the second charge after the warrant search.

    Nothing like what Hollywood portrays.

  3. #3
    BIOS Bomber
    Join Date
    Jul 2003
    Location
    Michigan
    Posts
    357
    It sounds like he tried using a loophole but made it abvious of what he was doing like hesperus was talking about.
    "When in doubt, use Brute Force."

    Never argue with an idiot. They'll drag you down to their level, then beat you with experience.

  4. #4
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    Ummm, hate to say it Hesperus, but the guy's right.

    Consider for a moment, radar detectors.

    The SAME PEOPLE who make the police radar units make the detectors for them. It's a 2 cycle demand for products - the cops spend millions to get a 'newer and badder' radar, then the public spends millions to get 'newer and badder defeater' radar detectors. Begin cycle, repeat forever.

    Same goes with idiot stick. Is it unethical? Yes, but it makes him millions.

    Hate to say it, but having megabucks means you no longer need ethics. We've encountered countless cases of that in history, and I'm ashamed to say it won't end.
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    People often ask me why I don't write security applications instead of rootkits. It is clear that I would have to prefer one of these applications, either rootkit or anti-rootkit. If it is rootkit, no one will use my anti-rootkit, so it would be a waste of time to implement anti-rootkit. If it is anti-rootkit, then again, no one will use the rootkit. I've decided for the rootkit way because it is more painful for so called security companies.
    what i hear is...i can do good or i can do evil. duh! i think i'll do evil!
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Originally posted here by |3lack|ce
    Ummm, hate to say it Hesperus, but the guy's right.
    I know what he says about the cylce of updates is correct. But somehow he squares himself with forcing AV companies to play catch up rather than helping them stay one step ahead. Since it is people's privacy that hangs in the balance, his position is inexcusable. He sees it as a game, constantly inventing this rarified space of undetectibility, and excuses himself by saying he is bettering those who are trying to stop him. It is a sinister and detached kind of madness that is blinded to real consequences.
    .

  7. #7
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I can see what both sides are saying... you have to look at a couple of things...

    AV software has always been reactive... not proactive... Who's to say that if he was playing for their side that they'd bother trying to be proactive even then... It's not something those companies are famous for... They're always playing catch up and if they keep up their current methods they always will be.

    He's releasing software that while it is dangerous... it is forcing AV vendors to push their software that extra bit of distances.... He's publically released the source code and the AV vendors still can't create software to find it... If he was doing this for them (creating the source code privately and providing it to them so they could create protection against)... do you really think they would??? No... because it's not affecting anyone..

    It's sort of like the world of exploitation... When a new exploit is announced.. many vendors do nothing... it waits 2 weeks... 6 weeks... 6 months.. Then it's released publicly and suddenly the vendor does something..

    This is an ongoing problem with computer security... it's mostly reactive... It's not an easy field to be proactive in.... or rather most people are too lazy to put the steps in place to be proactive..

    I don't agree with what he's doing... but I can see how he would be pushing the AV companies to work harder and do more...

    It's like playing poker.... Even if you know you're going to lose you bet anyways.. .just to keep the other player honest and see what he's holding.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  8. #8
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    He's releasing software that while it is dangerous... it is forcing AV vendors to push their software that extra bit of distances....
    forcing AV vendors to push thier software and make it more costly for us to run our computers. Not only the cost of the software, but the ever increasing resources that the software requires.

    now adays, you need antivirus, antitrojan, firewall, antispyware, antiidiot software.
    and thats only on the client side. you also need server side, devices at the border, spam/virus filters on mail servers, etc.

    I don't agree with what he's doing... but I can see how he would be pushing the AV companies to work harder and do more...

    It's like playing poker.... Even if you know you're going to lose you bet anyways.. .just to keep the other player honest and see what he's holding.
    In the end... the consumers lose. They lose by either having to buy updated software or hardware to run the software, or risk paying to repair damage done by malware. We can't expect everyone out there to be "security experts"
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  9. #9
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by phishphreek80
    forcing AV vendors to push thier software and make it more costly for us to run our computers. Not only the cost of the software, but the ever increasing resources that the software requires.
    Don't forget a lot of the increased resource usage comes from sloppy and improper coding...

    now adays, you need antivirus, antitrojan, firewall, antispyware, antiidiot software.
    and thats only on the client side. you also need server side, devices at the border, spam/virus filters on mail servers, etc.
    Would you pick A) No Protection B) Reactive Protection or C) Proactive Protection...
    I want C and the only way the AV companies will ever get here is if someone is pushing... they won't take the initiative to do it themselves.

    In the end... the consumers loose. They loose by either having to buy updated software or hardware to run the software, or risk paying to repair damage done by malware. We can't expect everyone out there to be "security experts"
    We can't expect everyone to be a security expert... but we could expect them all to have a basic set of skills... We require it for Driving.... for Hunting... For Boating... Or they could pay to have the security set up... Yes the consumer loses (it's funny you put loose... a tic tac toe drinking game I bought actually had instructions that said "The Looser Drinks"... just read it a few hours ago)... but is it an awful loss? Compare it to the alternatives... AV is unheard of... suddenly someone releases something that fubars everything... Not good..

    Like I said.. I don't agree with what he's doing... but I think something needs to be done to push these companies to move to a proactive approach.. Right now this is what's doing it...

    It's like drinking and driving laws.... Enough people were killed and they finally put laws in place... more people died.. they became more proactive (ride programs etc)... It's sad but it takes something awful before people take that next step forward...

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  10. #10
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by Tedob1
    what i hear is...i can do good or i can do evil. duh! i think i'll do evil!
    <Advocatus Diaboli>

    Evil and good are irrelevant in this discussion. He is choosing a side between societal symbols of accepted mainstream norm and rejected subversive counterculture. Evil is probably better used as the White Hat perspective. Do you think that government hackers working against their nations' adversaries believe that they are Evil?

    </Advocatus Diaboli>

    I agree with the speaker at rapier57's meeting. This guy seems like a git who has no life, no social skills, and can only feel empowered by whatever "cred" he get's from the cracker community for writing l337 spl0i7s. I could be wrong. *smirk*

    As for the kiddie porn, my experience is slightly different. When I was investigating accusations of criminal behavior in the Internet jurisdiction, most of what I dealt with was fraud and kiddie porn, not skiddies and crackers. However, many of the kiddie porn freaks fancied themselves "hackers" and bought into the whole counterculture...maybe as a justification for their childporn circle of associates, maybe because they figured they could learn to protect themselves from The Feds, who knows. But exploitation of children and 'rootkit skiddie circlejerk clubs' usually had many of the same ties.

    <Off Topic>
    I should copyright/trademark that, rootkit skiddie circlejerk clubs.

    Ah, I crack myself up.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •