-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joey, (cc Erwin) (cc PLUG)
On Wed, 21 Nov 2001 at 23:56, Joey Alarilla wrote: > Erwin might have let it slide, but that earlier post about e-mailing > "people like Erwin Lemuel G. Oliva ... and let him know that it's > 'Crackers' and not 'Hackers'? Or actually more appropriate, 'Script > kiddies ...' But then maybe he's scared of AsianPride, too ;>' was > hardly called for. Now that you mention it, I agree that my messent to the PLUG mailing list was very easy to be taken out of context. Please allow me to explain the origins of my post, which I hope will allow us all to take it in its proper context. 1. I sent the original message to the PLUG mailing list. Not to Erwin. I did not expect that message to find its way to Erwin, either. I was hoping that if he would read it, he would do so going through the entire thread via some web-based archive of the mailing list and see how much calmer my message was than some others on the list. 2. I sent that suggestion to the mailing list as a number of people were already bashing the article, none of whom seemed to want to get to the source of the article and talk things out with him (Erwin, in this case). 3. I sent a suggestion of someone mailing Erwin instead of just mailing him myself because I didn't (and still don't) consider myself an authority on securing large networks like those attacked. While I maintain our company's network, it's a much easier setup, having one server/firewall sitting between the Internet and the rest of the LAN. And I haven't had the 'pleasure' of dealing with crackers directly, as this system's (luckily?) never been broken into yet. 4. My comment "But maybe he's scared of AsianPride, too ;>" was uncalled for. I apologize for this. But then when you think about it, there is some validity to it. After all, if you write about a group like AsianPride and essentially deprive it of the glory of being an "3l33t (elite) hacker group" then you run the risk of being a personal target, right? > Yes, we know that many people, usually techies, want to keep the term > "hackers" sacred and refer to the baddies as "crackers." We know the > technical difference between hackers and crackers and script kiddies > (I'd hope that all media outfits are aware too but I can only speak > for our Infotech section) and we could engage in a debate over history > and Steven Levy's Hacker Ethic and the technical issues the whole day. This is nice to know. I wish we could see more of this knowledge explicitly stated in the articles, but then I leave that judgement to you. > The point, however, is that "hackers" has been commonly accepted as > the blanket term that the public readily recognizes -- usually > pejorative because it's the destructive activities that worry the > public. We can pine for the golden past of the original "hackers" and > say that only people like Linus Torvalds deserve to be called true > hackers, but words do evolve and they can acquire a pejorative > meaning. I still maintain that something can be done to correct this "evolution", but I'm sure that you as an editor of a highly respected periodical have more authority than I as far as when to use common words (pop sci?) instead of their more accurate technical counterparts. I also disagree that "original hackers" like Linus Torvalds are a golden past. Linux just turned 10 this year, Linus Torvalds can't possibly be a part of that "golden past". He's definitely a modern-day hacker. You may also benefit from knowing that I am not alone in my concern about the use of terms like "hacker" and "white hats". For your benefit here are some messages you can refer to in the PLUG mailing list: http://lists.q-linux.com/pipermail/plug/2001-November/012935.html http://lists.q-linux.com/pipermail/plug/2001-November/012939.html http://lists.q-linux.com/pipermail/plug/2001-November/012971.html > Yes, I appreciate your point about calling them script kiddies, but I > don't agree that this will somehow magically restrain them from > defacing websites or engaging in other destructive activity. I agree that it will not magically restrain them from doing what they're doing. Like I said in a previous message to Erwin, this will only deprive them of the glory and honor of being called hackers on such a prestigious periodical as the Inquirer. > In the first place, they don't see what they're doing as destructive, > they're mostly amoral, remember. This is an assumption that I personally do not think anybody can correctly make. > Websites just get caught in the crossfire when they hurl abuses at > each other. To say that they're doing this because they want to be > recognized as hackers by the media is a rather simple explanation for > their motivations. I'm not saying I know all the motivations for the > activities of these kids, but as someone described it, it's like a > high-tech version of pissing to mark territory or vandalizing walls to > let people know they've been there. Like you I have no authority to say what drives these people. However I would be very careful as to speculate who gets caught in what crossfire. For me the only true concerns are: 1. They're a security threat, and their actions should be properly reported. 2. Whether it affects their operations or not, it is high time that we call a cracker a cracker and not a hacker. They have very different roles in the industry. > Hacking has become widespread mostly because hackers can collaborate > and take advantage of the tools others have made freely available -- > thanks in no small part to the pervasiveness of computing and the > advent of the Internet. Sensationalistic media may have contributed > to the spread, but it's easy to exaggerate the fault of media, just as > the gov't can blame its ills on "misinformation." True hackers do not "take advantage" of the freely available tools. They use and help develop them, like we in PLUG use and in our small ways help develop Linux or the BSDs which are free and open. > Moreover, just as the public wants the technology behind everyday > devices such as cell phones or PCs to be transparent to the user, > technical distinctions between a hacker and a cracker, or between a > hacker and a script kiddie, would be the last thing they would want to > know when something goes wrong. Instead, they would care about the > impact of the service interruption -- why it happened and when the > service would be restored. The general public may not mind what you call a cracker. When the term "hacker" was first publicized people started using it. When you call a cracker a "cracker", they'll start using that term, too. It's those in the industry who care, when an otherwise positive term like hacker is messed up. And since the public won't mind whatever you call these people, why don't you call them what they are? (Crackers, that is). > And it's cold comfort to a company whose site has just been defaced to > say that it wasn't hackers, but mere script kiddies who did it. I agree. It doesn't matter who did it. What matters is that someone didn't do his or her job right. What matters is that security was breached. --> Jijo - -- Federico Sevilla III :: [EMAIL PROTECTED] Network Administrator :: The Leather Collection, Inc. GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7/E4H5rCBSJO3Rr4RAoYOAJ4k70W6gclec1q4hpnbl1aZSW0JiACeMj65 PP21seyrPWwQshWAqGDrNHs= =NUyT -----END PGP SIGNATURE----- _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
