The True Cost of Hacking

[Riot]

Could be those extreme folks are trying to protect the rest of us from some of these costs. This points out the most expensive part of malicious hacking -- the cost to society as a whole in terms of loss of privacy and limits on freedom. For example, I think ISPs would have been more sucessful in resisting Government access to their data if there were not so many compromised computers, etc. to overcome concerns about privacy. The more a free and open system is abused, the greater chance that someone will limit the freedom and openness to protect the innocent, even if they are innocent and stupid.

i think your right here people who do not under stand all about computers will give up every thing for what they think is security. if the goverment said we need to read ever ones e-mail and monitor chat rooms(which they all read do. at least here in the US.) for your security people would say yea why not its for our safety. In their minds they think well if the goverment reads the e-mail they could catch terrorists or somthing but when it comes down to it it is only a way of control because millions of e-mails are send ever day how could the read them all or even do a search for key words every day on that amount of data they really can't put that much money into it if it was only to catch a few people. people think it is about safety on the net but the gov knows it is about knowing what the public knows and thinks. If the goverment really wanted more safety on the net they would hire some programers not search e-mails and spy on people in chat rooms. well theirs my $.02 cents well maby thats more like $.04.

[Tiger Shark]

Security.... Usability.... The line....

Security_______________________________________________________Usability

Where do you want to be on that line?

That's an easy question here isn't it... You all tended towards the Security end.... Why? Because you all have some idea of how to configure your box to make it usable for you while still tending towards the security end of the line. Now put granny on the same computer.... She won't get past the password..... Leave her to set her own box up from the store and there won't be a password.... You know what's going on after that don't you.....

I really don't understand why it is so hard for ISP 's to implement minimal forms of firewalling their clients... C'mon, who needs 135, 137, 139 and 445 open to the world? How hard is it to see a box within the network scanning and shut it down? Overall it's a small additional cost for the consumer to take.... The addidional cost still ends up less than a trip to the "shop" to get it all fixed up again......

My $2

[secure_lockdown]

as was posted on this site a few weeks ago on another thread.

some folks seem to think that trying to break into someone elses network or computer is a very different thing than trying to break into a bank machine or ATM system - and don't believe the crime or punishment are the same.

unfortunatly, law enforcement is starting to treat it as the same thing - same level crime with same level punishment. seriously, you could get prosecuted. and if you do - you will need to hire a lawyer. and no one is going to ask or care about what security patch level that server was at. all they are going to ask is what were you doing in a network where you don't belong. this is serious business.

[secure_lockdown]

I really don't understand why it is so hard for ISP 's to implement minimal forms of firewalling their clients...

they probably will sometime in the near future.

[Riot]

unfortunatly, law enforcement is starting to treat it as the same thing - same level crime with same level punishment. seriously, you could get prosecuted. and if you do - you will need to hire a lawyer. and no one is going to ask or care about what security patch level that server was at. all they are going to ask is what were you doing in a network where you don't belong. this is serious business.

that is correct and I think that that should not be. I mean breaking into a bank is much different than into some one personal lan. cuz if your trying to break into a bank you are or at least think you are very talented at what you do but some one just trying to break in to a personal lan is not and most likely is just a kid doing something he read about and thinks if he follows what he read about exactly that he cant get caught and will find out how wrong he was the hard way. and he will go to jail for a wile because people don’t know enough to see that all they see is a hacker that they have been taught is the devil of the internet and is someone who needs to be locked up for as long as they can put him away no matter what.

[secure_lockdown]

....most likely is just a kid doing something he read about

i believe you. but it doesn't matter what i believe. what matters is what a prosecutor believes. they they are trained to believe what can be proven.

the people you broke into will be able to *prove* that you *broke in*!

how are you going to prove that you didn't mean any *real* harm?

[karmine]

by getting the proper permissions, leave a list of the problems in a txt file on the desktop, and an encrypted file somewhere on the HD so the prosecuters cant tamper with the evidence. of course youd have to spoof the date created.

i know, its a stupid humerous response.

[TheSpecialist]

i know, its a stupid humerous response.

No... just stupid.

As for the title of this thread... now, companys have their own people to make repairs and place changes, so employment is not an issue. And do you actually beleave that a server going down for just a few minutes will cost a company thousands? Thats bullshit. And if you get defaced this actually brings in more viewers that you'd ever have had before, this is just more money in advertising.

The only thing that actually gets hurt money-wise is all the folks in the security field.

[Riot]

i believe you. but it doesn't matter what i believe. what matters is what a prosecutor believes. they they are trained to believe what can be proven.

I know that is what i think causes a big problem because you can prove a lot of stuff with a log file even if it is not true because in like a robbery or something ware the person was physically their ware they can examen his emotions in a computer crime it is just some letters and a few words in a file which can be interpreted as he was getting into this system so he could launched an even bigger attack. and there is no way to prove different but the defendant saying he wasn’t and when it comes down to the prosecutors word agents the hacker who do you think they will believe.

and I hate writing these long speech like things but their true people don’t know jack about computer and people fear what they don’t know or even worse some one who knows about stuff they don’t.

[TheSpecialist]

the way i look at it anyone who follows the hacker ethics are "31337" from the start.

The way I look at it, the "l337 h4x0r" jazz is SO TACKY. People who are into that **** don't have a true interest in computers. If they did then people like that wouldn't make such a scene over minor and redundant computer related tasks and prance around giving each other silly names and words while they wear stupid colored hats.

I also beleave ethics and computers is just a big pile of bullshit. Most people compair malware and defacment with vandalism but really there is almost no such thing as phisical harm to a computer. Really the only true crime you can commit online is maybe something like fraud but even then it still has nothing to do with computers because the Internet is another medium, its not actually a ****ing planet.