1 / 12

Chapter 4

Chapter 4. Digital Criminals and Hackers. What is a Hacker?. The consensus of computer crime experts is that most computer criminals are insiders to the victim organization, not hackers seeking to gain entry. Original Meaning of “Hacker”.

liko
Télécharger la présentation

Chapter 4

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 4 Digital Criminals and Hackers

  2. What is a Hacker? • The consensus of computer crime experts is that most computer criminals are insiders to the victim organization, not hackers seeking to gain entry

  3. Original Meaning of “Hacker” • Among early MIT hackers, a hack was “a project undertaken or a product built not solely to fulfill some constructive goal, but with some wild pleasure taken in mere involvement.” • To qualify as a hack, the feat must be imbued with innovation, style, and technical virtuosity • Hacking was most closely associated with creative, unorthodox problem solving to overcome the limitations of early computers

  4. Law Enforcement’s Point of View: Illegal Actions and Damage • When the computer belongs to the hacker or when the hacker has legitimate access to the computer, there is no crime • When the hacker does not have permission to use the computer or network, the action is called system intrusion • Federal statute makes it a crime to knowingly use false credentials or access devices (which include passwords)

  5. Law Enforcement’s Point of View: Illegal Actions and Damage • Illegally accessing a computer connected to the Internet is a federal crime • The primary difference between simple network intrusion and data alteration is the intent of the intruder • Mere browsing may be theft, but it does not deprive the owner of the data or the use of the data • While criminally altered data may be used for fraud, the simple intruder may not cause actual harm

  6. The Hacker’s Point of View: Prosocial Hacking • The hacker subculture is a group of like-minded individuals who share a set of values, defined in the hacker ethic • The subculture’s definition of prosocial hacking define it and differentiate its activities from computer crime

  7. Computer Criminals vs. Hackers • It is also hard to prosecute a “pure” hacker under Federal statutes because the sentencing guidelines are driven by financial damages • The distinction between hackers and computer criminals in three ways: • He minimized the criminal damage caused by hacking, implying that very little actual harm is caused • He defended the criminal actions of hackers based on their motives and adherence to hacker subcultural values, which were not viewed as criminal by Goldstein • He disavowed hackers who commit crimes that violate hacker values, such as crimes of financial gain

  8. White Hat vs. Black Hat • “White hat hacker” • Ethical hacker • Includes software testing by manufacturers, independent verification of software function and safety, reverse engineering, and training • Tiger teams described a hacker or team of hackers hired to “test” the defenses of an organization • “Black hat hacker” • Malicious hacker (Cracker) • “Gray hat hacker” • Someone who typically behaves in an ethical manner, but sometimes violates accepted ethics

  9. FUD • “FUD is the fear, uncertainty, and doubt that IBM sales people instill in the minds of potential customers who might be considering (Amdahl) products

  10. The Evolving Hacker Subculture • The Hacker Ethic • The belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing open-source and facilitating access to information and to computing resources wherever possible • The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality • The requirement to do no harm may be an evolutionary step in hacker subculture

  11. Bedroom Hackers • In the early 1980s, when home computers became widely available, hacking expanded from the universities and research parks • Phone phreaks, a counterculture movement of the 1960s and 1970s, had been exploring the phone system for years by the time hacking moved out of the universities • Bedroom hackers created a hacker society apart from corporate research parks and universities • They created their own dialect called eleet (‘leet) speek or k-rad • In k-rad, numbers were substituted for visually similar letters • For instance, “elite hackers” became 31337 HaKorZ

  12. Internet Hackers • Enculturation • Aaron Ball uses the term “RTFRFC.” • It is an adaptation of “Read the F---ing Manual” (RTFM), referring to a document called a Request for Comment (RFC)

More Related