I was at a Toastmasters meeting yesterday and heard this interesting speech on hacking. I’m reproducing it below from memory and the ‘mindmaps’ that I drew on a scrap of paper, so it is possible that there are some differences between this and what the speaker said.
Start of Speech:
Do you know who the Time Magazine’s most influential person of the year for 2009 is? His name is ‘moot’. I don’t mean ‘moot’ as in ‘beside the point’. The name of this person, or rather handle as it is called is really moot. People believe that he’s a certain 21 year old known as Christopher Poole, but it can’t be proved.
Dear Toastmasters and Guests,
I present before you ‘A Brief History of Hacking’.
Beneath the humdrum of the internet: facebook, orkut, twitter.. you name it there is great instability and chaos.
There is a war on.
There is a war on between those who want to disrupt the system and those who are given the job of protecting it.
The war is between security experts and hackers.
As in a war, there are casualties.
People die in this war.
In real life.
Everyday.
Recently in Bangalore a very promising entrepreneur took his own life because his life’s work was destroyed by hackers.
Just like in a real war, there are double agents. You never know who the good guy is and who the bad guy is. And added to that is the involvement of the mafia worldwide. The world of hacking is a dangerous world. That world is just the click of a mouse away from you.
What is hacking?
Hacking really means to explore the limits of something. As an example, I can hack together a pizza very nicely. But in common usage the term relates to illegally exploiting weaknesses or holes in computer systems for malicious purposes. The common usage is not really accurate but I will use it in this speech because as I said, it is common usage.
There are three types of hackers: Blackhat, Whitehat and Greyhat.
The Blackhat hackers are malicious hackers, on the wrong side of the law. The Whitehats are the good guys or heroes or ethical hackers. The Greyhats are those who may or may not be malicious, but those who are not always on the wrong side of the law. You never know about the Greyhats, which way they will turn.
But.. let me take you back a few decade and we will take a look at the history of hacking…
The form of hacking which became very popular in the 70s was known as phreaking. While it cannot be considered hacking, the two fields are intertwined. Phreaking was used to gain control of telephone systems by whistling a precise tone into a regular telephone. And hey presto, you had the ability to make free untraceable calls anywhere.
It was in 1998 that a hacker (Whitehat) by the name of Aleph One wrote a paper for Phrack magazine, a magazine for hacker. This paper was a very important papers in the annals of hacking as it explained the details of one of the most common and deadly forms of attack known as the ‘Buffer Overflow Attack’. This paper was titled ‘Smashing the stack for fun and profit’. If you are so inclined, you can search for and read this paper online. Aleph One is now the CEO of a prestigious security consulting firm.
This was the age of Remote Hacking, enabled by the usage of the buffer overflow attack. One could send you an email, and the moment you opened it, your computer would no longer be under your control. Of course you would never detect that. Even to this day..Does your computer have a webcam? Is it only you who can control it? Are you sure?
This was followed by the age of Malware. Viruses, Trojans, Worms. That continues to this day and is growing stronger by the day. Now even when you install a brand new Operating System, you cannot be sure that you and only you control it.
The third phase emerged with the advent of the web. The popular ones are SQL injection attack and the XSS attack. These are commonplace now. You can use these to gain access to wireless networks. There are numerous more complicated attacks. I will not go into those, but let me tell you, if a computer is on a network, it is not safe. Even if it is not on a network, still it is not safe. Think of pen drives..
The fourth phase is that of automated hacking. Computers gain access to other computers, at the bidding of their masters, automatically.
Now a few big hackers in the game:
Kevin Mitnick – The most wanted computer criminal in US History. Sentenced to several years in jail allowed no access to computers for 15 years. Recently AT & T disconnected his cell phone. It seems that they don’t want him as their customer.
Fyodor – Again a nickname. We know who he is, but his real name is irrelevant. He is perhaps the best known Whitehat hacker.
Aleph One – I have already described him.
What can hackers do? They can bring the internet to a full stop. They can stop the telephone systems. They can turn off Power Plants. All this, they can do while sitting at home or in a coffee shop.
So, finally, who is moot? Moot is the owner of a website called 4chan, as in 4 channel, which is frequented by hackers. 4chan is the greatest source of internet memes ever. 4chan has even taken on the Scientology (of which Tom Cruise is a member) organization in the past. So how did moot end up as the winner of the Time person of the year? The hackers who frequent 4chan may have done it. Moot probably did not even know who was involved. He is a mere mascot. Or at least that is what he wants you to believe.
End of Speech
My Notes: The speaker missed this part. Go to the Time magazine’s most influential person for the year 2009 list. Look at the first letters only. You will find a pattern that says ‘Marblecake Also The Game’. I wonder what it means. But I am amazed at the fine tuned hacking that was done. I also wish people would use the word ‘hacking’ in the real sense which the speaker explained but did not dwell on for long enough.
I will try to attend future meetings and post what I hear and observe.