Hackers, Phreakers and Me: A Journey into the Realm of Info Security

In the World of Information Technology, There is Good and There is Evil

James W.
Every day, systems are attacked and systems are protected by people using their knowledge and expertise with computers, networking, telephone systems, wireless technology, and a variety of subcategories to computer science and general electronics. Have you ever wondered about the motivations, the risks, the endeavors, and how vast the groups and individuals could possibly be in these areas? This article will detail a bit of all of that, and even my own first-hand account of being a part of what you may love, hate, or feel indifferently toward by the time you read this article.

While it is more complicated to form a successful attack against a system running FreeBSD Unix or a clone of UNIX like Linux, this does not mean that it isn't possible to hack a UNIX system. It is possible, and has been done...it's just a lot more difficult since there is more power (and the operators of those more powerful systems usually know their security quite well). That, and the fact that the majority of computer systems in use today for businesses and homes run Microsoft Windows, not a UNIX-based system, Mac OS, or anything else.

Many information specialists would think: "Why hack the minority of operating systems anyway, when they have better security and more capable management already running them and guarding against these attacks effectively. Why not go after and attack a sitting duck on a Windows system who might not even realize they are being attacked until months or years after the fact? Why not go for these easier targets who put all their information out where you can see it, and are trusting all that sensitive information to an operating system which barely if at all protects them from us?"

OK. I know that's a solid slam to Microsoft Windows, and rightfully so since the only thing they have given to users to protect them freely is the Windows Firewall (which works about as well as my speak-n-spell at logging on to the Internet). If a hacker is really good and wants the data badly enough on a system, he or she won't stop until they've figured out a way to get it...whether it's a cute email attachment with smiley faces, an exploit to Windows Media Player which most people use or have on their Windows-based system, or a pre-installed package for Red Hat Linux that gives root privileges...there is always a way if your operating system is known, and you are on the Internet. Even something as small as hacking a database through an SQL injection attack online has yielded disaster.

People who write viruses and form attacks to extract data (or ruin others' data) have a variety of reasons that they do so. And believe me, unless they are new...even if they are young but have at least a few years' experience...they are fairly good at what they do.

There are at least two labeled types of individuals who compromise the security of computer systems today online...they are called "black hat" and "white hat" hackers.

A black hat hacker is generally termed a ruthless digital aggressor who uses their knowledge for destructive purposes, personal gains, or both. The agenda or motivation for doing so is either a personal vendetta against a company or an individual, or neither, as long as there is personal profit made. Sometimes it can be activist-based, or people just aimlessly looking for a victim to attack as they prove a point. There are too many reasons to count as to why someone might choose to attack a system or many systems these days. Whatever their reason is, they attack digital systems with their knowledge.

Note that there is a subgroup of people called Script Kiddies who at times are considered "hackers" only by the general public, while the legacy community and the newer IT field do not consider them so (since script kiddies usually never write their own tools or have the knowledge and understanding that programmers, pirates, and advanced information specialists do). Script kiddies cause damage and do malicious things just for lulz...they have no specific purpose, moral backbone, or anything of importance to guide their direction. They only wish to attack people to destroy aimlessly. While they are not as advanced or as knowledgeable as black hat or white hat individuals, they are still a serious threat to the general public and as such, have been included only as a lower sub-association with black hat. Even still, script kiddies are generally looked down upon by the hacker community as a whole (be they black hat or white hat) due to the fact that they aren't of much use to either one and can be both an obstacle and an irritant to both.

A "white hat" hacker is defined as one who hacks information to help a person, group, or society. A white hat hacker does not attack the systems of others for personal gain, glory, malicious intent, or unearned profit through the loss of the victim. A white hat hacker compromises the security of a computer or a digital system only to find the vulnerabilities of it, and then to figure out a solution to the problem to protect the victim from a real attack.

The white hat hacker is often seen as a type of silent guardian who helps to protect corporations in cyberspace, protects individuals online who need better security or are left vulnerable to attack, and basically creates a barrier of protection and an element of balance in cyber security and in the good vs evil struggle electronically and on the Internet.

The black hat hacker is seen as more of a predator who is out for their own gain, or as a hired mercenary of sorts with allegiance only to a certain group, or to no one at all but themselves.

It's safe to say that although black hat and white hat information specialists may disagree on the ethical situations of why it is OK to be one type and not OK to be the other...we generally agree on the types of methods used to attack or defend systems against things. This is due to the fact that White Hat hackers must often think like Black Hat hackers to be able to protect others from the attacks, and Black Hat must think of how a White Hat might defend against the attacks. A black hat must figure out ways to nullify the protection given to others by White Hat hackers to be able to successfully step up their attacks against them when they need to.

Over the years I have been labeled by people as both a "white hat" and a "black hat" hacker for a variety of reasons. I don't really see it as either, though. Here's one reason why:

Not too long ago a friend of mine worked for a large corporation that closed down, and was cheated out of their last pay check from that company. The company (which will not be named here) tried to go out of business silently after it quietly let go of all its employees without paying any of them their last paycheck. They basically closed their doors, tried to take the money of their employees that were with them for years, and run away to avoid paying them (and avoid the consequences of the dot-com bust that had finally caught up to them along with the current state of the economy).

I didn't know the personal situation of the other employees or how to help them directly. I didn't have their personal information or the time to obtain it discreetly. But I did have the cooperation of my friend (who had a family to feed, and 3 children) and the means to get onto the computer system of the former CEO and transfer funds anonymously for the amount of their final paycheck, and nothing more.

I had access to about a quarter of a million dollars if I wanted to transfer it in different ways. I could have formatted the drive and deleted all the records the CEO had on that computer, and anything else that I wanted to do since they were not able to protect such an important system and know better than to leave it connected to an always-on broadband connection. I did take the money out of their account and transfer it transparently to my friend (who could not even get unemployment since the company claimed bankruptcy).

My friend only needed their final paycheck, and that's what I got for them. Nothing less, and nothing more. I didn't damage any systems, and I didn't accept any form of payment for having done that for them. Although the CEO might claim that their system was "attacked" by a "hacker", they might also claim they were "attacked" by a "criminal" if they were legally caught stealing the money of their employees without consideration for their families and children that they fed with those jobs. They might even call the Judge who rules in favor of the employees and the families "crooked" or "evil". But is he? Am I?

So does something like this make me a White Hat hacker for helping a friend, for not having personal gain, for not destroying, and for making sure my friend and their family were protected financially...or does it make me a Black Hat hacker for having attacked the CEO (thief)'s computer?

Maybe I can go with "Grey" hat on that, since it may be a little of both. But I still look at it as more of a White Hat situation than anything else.

Unfortunately, the law is not as forgiving, understanding, or anywhere near as caring. They make laws (at least in the United States) to serve the purpose of the legal system first, to protect criminals second, to protect corporations third, and lastly to protect the people.

So this isn't something that you do without being a perfectionist and an excellent foreplanner. It isn't something that you ever want to leave a trace of either, just for the sheer fact that you won't be favored or given any leniency if you are ever caught. Due to what the legal system considers important (which is usually contrary to what most people want and feel is important outside of the courtroom), you can be fined or thrown in jail for doing the right thing with the right mind and a good heart as long as the law has labeled it illegal. Especially cyber activities, which they have conveniently and most profitably labeled "cyber crime".

The infiltration of ANY computer can now be seen as a "crime", even if you are using your computer to do the right thing that some profiteer of law disagrees upon. Sorry to burst the bubble of those who thought that America was somehow a free country. It is more free in some ways perhaps, but it pays for its freedoms with the profiteering, fining, and imprisonment of those it disagrees with.

Now at this point, some might actually be wondering if I am a black hat hacker after all. No, not really. I spend most of my time this way helping people to secure their home and corporate systems to protect them from most common threats, and sometimes defend against and reverse engineer unknown viruses, trojans, and the less common but more complicated threats known as rootkits. Definitely White Hat stuff and procedure.

So maybe my hat is grey after all. But it isn't really the Black Hat that you have to be most worried about. Unless you are extremely rich or have trade secrets stored on your computer, top-secret information or other things on your computer...most Black Hat hackers will skip over you. They aren't going to spend their time and expertise to risk getting caught over stealing a few hundred dollars from one bank account like a petty thief.

But they may risk stealing a few hundred thousand really quickly from the girl who is running Windows Vista on her laptop over an unsecured wireless connection with Norton Antivirus or Windows Live OneCare as her only form of protection. If she happens to be on web-cam doing lewd things for her boyfriend and is relatively pretty, they might even decide to exploit the common hack in XP, Vista, and Windows 7 remote desktop to watch the show while they transfer the money out. They may even record the video and audio stream remotely, then sell the digital video to a porn company and make a few thousand more on top of what they just stole. The sky is the limit as a black hat hacker, because you do what you feel like doing, and no one is going to stop you unless you make a mistake.

In one of my next articles, I'll discuss and demonstrate how you can protect yourself from most of the common threats online that are picked up from browsing the net (or what I have termed "blind use"). These are generally things that neither Norton nor McAfee will ever protect you from. In addition to help with those things, the new article will help protect you from a few little undocumented issues, possibilities, and firewall situations where people can use exploits and remote programs to get in and onto your machine if you're using a Windows-based system in any way.

The article won't be a guide to protecting you from every possible threat out there, but it certainly will help protect you better than the majority of the canned products do that you may already be using or paying a subscription for commercially.

Before I end this article, there are a few other types of people often labeled as hackers that I'd like to mention so you will know them when you come across, see, or hear about them. We already discussed White Hat, Black Hat, and Script Kiddies. But there are also hardware hackers...basically people who hack the hardline to a telephone system, PBX box, or other telco equipment. They also deal with other physical modifications to digital hardware to make them more compliant with a hack (sometimes working alone with duality as a black hat, or as a team).

Generally when a Phreaker creates a circuit to phreak a phone line, digital channel, or electrical system, it is called "boxing". This term goes back as far as the late 60's and early 1970's. The first phreaking device confiscated by Ma Bell (Bell Systems) was a device that let you place free telephone calls, and got its label as a "blue box", since it was placed into a blue box when Bell finally got a hold of it. You had the black box after that one, which let you receive free calls, and a variety of others that did things like simulate a lineman's headset, record calls, and other fun stuff. As much as I'd like to continue on about phreaking, there is a great deal of information on that to be discussed, and as such I think it's best to reserve that as its own article later.

Another form of hardware hacker is known as the Carder. Carders are those who attack chip-based cards and magnetic-strip cards to figure out how they work, and how to exploit the features of the card. This is mostly done for bank card, gift card, and other forms of piracy...or, to figure out a better way to implement it to present to a company or corporation in exchange for financial benefit, credit, or both.

Another form of hacker (going back to software hacking) is the Cracker. Although it sounds like something you might eat (or a derogatory term for a white guy like me), it is actually the term to describe a software hacker who specializes in defeating the copyright protection of commercial and shareware software (or helps enable commercial software publishers and shareware authors to protect their products successfully). A Crack is the resulting program that is created by a Cracker to patch (modify) an executable program or linkable file, which makes the program believe that it is either "registered" or has been commercially purchased. The purpose of a Crack is to be able to use an unregistered or trial version of a program, and unlock all of its features and make it either behave as or fully become a purchased full version of the software.

I'd like to mention a very important note about cracks, though. It's really important that you be extremely careful with cracks. Much more than trying to obtain a serial number. Unlike serial numbers (which you can just copy and paste into a program out of a text file and usually have no virus or trojan risks at all), cracks are executable programs which run on your physical computer to "crack" the software. This means that a virus or trojan can be (and many times IS) bundled along with the crack, and will run at the same time that you click on the crack or execute it from a shell prompt. The crack can add entries to the system registry, copy files that are not even noticed to the system directory if successful, or exploit an existing program that is universally used on most Windows systems to gain access to it several different ways.

A lot of viruses and trojans are picked up by general anti-virus scanners, and a lot aren't. Unless a virus is already in the database (and the database is updated), an antivirus program cannot see or know if a file is infected unless it goes by a heuristic rule set only. Other times, some antivirus programs even deliberately raise a false alarm, sending scary messages to users. Why? Because many antivirus companies seem convinced that it will prevent people from using or running any program named "keygen" or "crack" at all, without even scanning it.

There is no actual "safe way" to always be sure 100% of the time that a file is clean when it's a software crack from an outside source (unless you have the source code to the crack, can analyze it, and compile it to compare the file size). That, or if you know and trust the author of it personally.

There are things such as exe bundlers (executable encryption programs, sometimes with compression) which transparently obfuscate the executable code from a crack file as it runs. These programs make it so that data is extracted and executed on-the-fly, and will only read data out as a byte at a time, or a block of bytes (words or double-words) at a time as it executes them over Intel based and AMD 586+ processors.

Exe packers make nearly all antivirus scanners and malware detection systems unable to successfully detect viruses and trojans that have been transformed this way unless they have a means to unpack the data (and with today's encryption algorithms, I have yet to see one that can unless it's just raw data from a zip, rar, or ace file without password protection and a different file extension).
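Why a byte-signature scan misses a transformed file, and what a heuristic can still see, shown as an added example (not code from the original article). The marker string, the sample bytes, the XOR keystream stand-in for a packer, and the 7.2 bits/byte threshold are all constructed for illustration.

```python
import hashlib
import math
from collections import Counter

# Constructed marker standing in for an antivirus byte signature (not a real one).
SIGNATURE = b"CONSTRUCTED-SIG-0001"
KEY = b"constructed-key"

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniform data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())

def keystream(key: bytes, length: int) -> bytes:
    """Deterministic pseudo-random bytes (SHA-256 in counter mode). Toy only."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def toy_transform(data: bytes, key: bytes) -> bytes:
    """Stand-in for how a packer stores its payload: XOR with a keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def signature_hit(data: bytes) -> bool:
    """Database-style detection: is the known byte pattern present on disk?"""
    return SIGNATURE in data

def window_entropies(data: bytes, window: int = 1024):
    """Entropy of each full window, so one small dense region stands out."""
    if len(data) <= window:
        return [(0, shannon_entropy(data))]
    return [(off, shannon_entropy(data[off:off + window]))
            for off in range(0, len(data) - window + 1, window)]

def looks_packed(data: bytes, threshold: float = 7.2, min_fraction: float = 0.5) -> bool:
    """Heuristic: flag the file when most windows are near-random."""
    scores = [e for _, e in window_entropies(data)]
    high = sum(1 for e in scores if e >= threshold)
    return high / len(scores) >= min_fraction

# Constructed sample: repetitive code-like bytes with the marker embedded.
PLAIN = b"push ebp; mov ebp, esp; call check_license; " * 100 + SIGNATURE
PACKED = toy_transform(PLAIN, KEY)

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("packed", PACKED)):
        print(name, "signature hit:", signature_hit(blob),
              "entropy: %.2f" % shannon_entropy(blob),
              "looks packed:", looks_packed(blob))
```

High entropy only says the bytes are compressed or encrypted; legitimate installers and media files score the same way, so treat a flag as a reason to analyze the file in isolation, not as a verdict.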

The only truly safe way to analyze and ensure that a crack would (mostly) be safe to use is by deploying a virtual machine, and monitoring the changes and activities of a crack file through a process monitor safely from a host system as you execute it. The sad reality though is that most computer users running Windows won't know how to do this or spend the time to find out how, which puts them at further risk whenever there is haste to execute or run a program that may be a compromised executable file or crack program.
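One way to record what an untrusted program changed on disk inside a throwaway virtual machine, as an added example (not code from the original article). The script name, the JSON snapshot format, and the choice of directory to watch are assumptions; it covers file changes only, not registry or process activity.

```python
import hashlib
import json
import os
import sys

def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def snapshot(root):
    """Map relative path -> SHA-256 for every regular file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            rel = os.path.relpath(full, root)
            try:
                state[rel] = hash_file(full)
            except OSError:
                # Locked or permission-denied files are recorded, not skipped.
                state[rel] = "<unreadable>"
    return state

def diff_snapshots(before, after):
    """Compare two snapshots taken before and after running the sample."""
    common = set(before) & set(after)
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }

if __name__ == "__main__":
    # Usage inside the guest (hypothetical script name):
    #   python fsdiff.py save <directory> before.json
    #   ...run the sample, then...
    #   python fsdiff.py save <directory> after.json
    #   python fsdiff.py diff before.json after.json
    if len(sys.argv) == 4 and sys.argv[1] == "save":
        with open(sys.argv[3], "w") as out:
            json.dump(snapshot(sys.argv[2]), out)
    elif len(sys.argv) == 4 and sys.argv[1] == "diff":
        with open(sys.argv[2]) as a, open(sys.argv[3]) as b:
            print(json.dumps(diff_snapshots(json.load(a), json.load(b)), indent=2))
    else:
        sys.exit("usage: save <dir> <out.json> | diff <before.json> <after.json>")
```

Take the "before" snapshot from a clean VM snapshot and revert the VM afterwards, so nothing the sample did survives the test.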

So now you know the difference between White Hat and Black Hat hackers, what script-kiddies are, what phreakers, carders, and other types are, and the differences between them as well. I hope that you will also be cautious of using cracks, and research things like virtual machines and products such as VMware, Parallels, or Microsoft's Virtual Machine technology that they acquired when they bought out Connectix Virtual PC. I do not encourage or endorse others to be black hat, white hat, phreakers, carders, crackers, or any other type of information specialist in any fashion which would produce illegal activity or harm others. That is a personal choice that you must make. Information and knowledge are good things...it is the beholder of them who chooses good or evil after having found and mastered those things.

I will leave it to you to draw your own conclusions as to whether or not any of the above types of information specialists are right, wrong, or anywhere in between. Including me. Regardless of your conclusions, I hope that this article has been enjoyable, informative, and educational as it was intended to be. I also hope that you will continue researching topics such as network security, network intrusion detection, hardware hacking, and other subjects. If for nothing else, to secure your systems, and the systems of your friends, family, and anyone that you care about.

Published by James W.


  • Know the difference between White Hat, Black Hat, and Grey Hat hackers
  • Find out what types of systems and information hackers go for, don't go for, and why
  • Discover how crack programs are used, what they do, how they run, and what to watch out for
Some of the most trusted, ethical, and well-known people of the computer world and corporate America are considered hackers. Among them are Steve Wozniak, Steve Jobs of Apple Inc, and Paul Allen (former programmer/co-founder of Microsoft).

1 Comments

  • tamanna khan 10/11/2009

    Nice article written in a good way, http://www.physicalsecuritycrossing.com is a good source of jobs because it only shows you jobs from employer websites and every other job board out there. http://www.physicalsecuritycrossing.com this is a good way to track down jobs because these jobs are often not advertised.
