-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Erwin, (cc jalarilla) (cc PLUG)
On Wed, 21 Nov 2001 at 02:01, Erwin Oliva wrote: > It's really not our intention to hype what these so-called "script > kiddies", or crackers are doing. We're just informing the public that > these activities are happening in the "background." That's my job. To > report these incidents, unless someone else wants to do it. I agree with you and commend your journalism. Perhaps there was a misunderstanding with the way I phrased part of my previous message. The hype I referred to is not because you report about the actions of groups like Asian Pride. I believe, like you probably do, that it is just right that their actions should be reported to the public. The hype, in my view, is that they are referred to as hackers, which I don't think they are. They're script kiddies, who take advantage of the fact that some system and network administrators don't do their job of keeping up with security updates. Script kiddies do not find security holes in software or protocols. Instead they use scripts (hence the first part of name) that exploit known security holes. What's worse, most of the time these script kiddies don't know about the scripts they use. They just use them (hence the second part of the name). Script kiddies have a place in society and should be reported about. But they don't share the same place as hackers, and referring to them as hackers just boosts their ego, making them feel superior. So calling a script kiddie a script kiddie in a news report lets the public know of the activities of such groups as AsianPride without giving the script kiddies an undue place of honor that only a true hacker -- like Linus Torvalds for example -- would otherwise have. > If the IT community is getting worried about the activities of these > script kiddies, then what is it doing? For one thing people like me are getting in touch with people like you, hoping that we can stop calling these script kiddies hackers. Also, groups like the Philippine Linux Users' Group (PLUG) do various advocacy programs hoping that more IT people will shift from the security hole that Microsoft products are to Linux which is by default infinitely more secure, and with proper configuration, very very difficult to hack, and an almost impossible job for such script kiddies as those who call themselves members of AsianPride. > As a journalist, my job is to write about these incidents, thereby > making people or government think about Net security issues. You've > probably read the grand plans of government on IT. Did they ever think > of security? Hmmm... No, the government's IT people aren't on the right track, IMHO. And I am glad that people like you are helping out by writing about the successful activities of script kiddie groups like AsianPride. > On the difference between cracking and hacking, well, that's another > issue. It's an issue of semantics. The meanings of words do change > through time. Like Linux versus GNULinux...Articles are now using > Linux, but it is really GNULinux, if we really want to be technical > about it. I agree that these situations are similar, but I don't agree that they are the same as far as degrees of importance are concerned. Linux vs GNU/Linux is just about GNU (read: technical issue), and to some people, really just about Richard Stallman's ego (not that I personally agree with them). Cracking and script kiddies versus hacking, however, has social implications. Most, if not all, script kiddies, operate not for money, but for pride. It is their egos at stake. To be called a hacker is exactly what the script kiddie wants to achieve. If more and more of us call a script kiddie what he/she really is (a script kiddie) instead of something he/she wants to achieve, then perhaps we can remove the glory of the entire process of cracking without sacrificing journalism (ie: you still write about computer security). > So I'm still part of the uninitiated public, too ;-) I don't think you are. The uninitiated public probably doesn't know what a cracker is (although they might say "Skyflakes?"). I am hoping, however, that you can help advocates like myself re-educate (or initiate?) the general public. Even if we don't clear up the name of the true hackers, we can at least introduce some new terms (computer cracker, script kiddie) that more appropriately describe most of who are referred to as hackers. Thanks for your time. --> Jijo - -- Federico Sevilla III :: [EMAIL PROTECTED] Network Administrator :: The Leather Collection, Inc. GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7+4Bj5rCBSJO3Rr4RApfeAJ9M0Pxy3J/WPySIK108BEpTnWNN1ACcCa1u 2JbdzQ7Ghj0injfMudvHK9g= =4Z4S -----END PGP SIGNATURE----- _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
