API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 5th, 2016
426
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 16.91 KB | None | 0 0
raw download clone embed print report
  1. ==Phrack Inc.==
  2.  
  3. Volume 0x0c, Issue 0x41, Phile #0x0d of 0x0f
  4.  
  5.  
  6. |=-----------------------------------------------------------------------=|
  7. |=-----------------------=[ The Underground Myth ]=----------------------=|
  8. |=-----------------------------------------------------------------------=|
  9. |=---------------------------=[ By Anonymous ]=--------------------------=|
  10. |=-----------------------------------------------------------------------=|
  11.  
  12.  
  13. 1 - Hacker's Myth
  14. 2 - The Security Industry
  15. 3 - Black Hat, Two Faces
  16. 4 - Technology
  17. 5 - Criminals
  18. 6 - Forgotten Youth
  19. 7 - The Forward Link
  20.  
  21. -------------
  22. Hacker's Myth
  23. -------------
  24.  
  25. This is a statement on the fate of the modern underground. There will
  26. be none of the nostalgia, melodrama, black hat rhetoric or white hat
  27. over-analysis that normally accompanies such writing.
  28.  
  29. Since the early sixties there has been just one continuous hacking
  30. scene. From phreaking to hacking, people came and went, explosions of
  31. activity, various geographical shifts of influence. But although the scene
  32. seemed to constantly redefine itself in the ebb and flow of technology,
  33. it always had a direct lineage to the past, with similar traditions,
  34. culture and spirit.
  35.  
  36. In the past few years this connection has been completely severed.
  37.  
  38. And so there's very little point in writing about what the underground
  39. used to be; leave that to the historians. Very little point writing
  40. about what should be done to make everything good again; leave that to
  41. the dreamers and idealists. Instead I'm going to lay down some cold hard
  42. facts about the way things are now, and more importantly, how they came
  43. to be this way.
  44.  
  45. This is the story of how the underground died.
  46.  
  47. ---------------------
  48. The Security Industry
  49. ---------------------
  50.  
  51. Then in the U.S. music scene there was big changes made
  52. Due to circumstances beyond our control... such as payola
  53. The rock n roll scene died after two years of solid rock
  54. - The Animals, circa 1964
  55.  
  56. There is little doubt that the explosion of the security industry has
  57. directly coincided with the decline of the hacking scene. The hackers
  58. of the eighties and nineties became the security professionals of the
  59. new millennium, and the community suffered for it.
  60.  
  61. The fact is that hackers, mostly on an individual basis, decided to
  62. use their passion as a source of income. Whether this is good, bad,
  63. or just pragmatic is completely irrelevant. Nearly all the hackers that
  64. could get jobs did. For the individuals that decision has been made (for
  65. better or worse), and in general there's nothing that will change this.
  66.  
  67. This was a hacker exodus. What really mattered was not the loss of any
  68. individuals, but the cumulative effect this had on the underground. The
  69. more hackers that left the underground for a corporate life, the fewer
  70. that came in. And those who stayed became entrenched, increasingly
  71. disconnected.
  72.  
  73. Collaboration in this new age of career hackers has all but ceased to
  74. exist. Individuals are now obsessed with credit. For their career, for
  75. their standing in the community, it must be absolutely clear who this
  76. research, this vulnerability, or even this opinion belongs to.
  77.  
  78. There is no trust in this corporate community; an underground issue
  79. greatly amplified by corporate motivations. A single person can go months
  80. or even years without telling anyone exactly what he is working on, and
  81. whats more, will be genuinely worried about someone "publishing" their
  82. results before him. There is no respect for the information he holds,
  83. no belief that information should be free, no belief that research should
  84. be open. All that matters is credit; all that matters is fame and money,
  85. their career.
  86.  
  87. This is purely the fault of the security industry, who has exploited
  88. and cultivated this culture, designed it for their needs. The truly sad
  89. thing is that the corporate security world hasn't realized that they are
  90. sitting on a gold mine, and as a result the mine is likely to collapse;
  91. and likely to take their industry down with it.
  92.  
  93. The security industry uses information as its sole commodity, information
  94. about insecurity. Who has the information, and who doesn't is what
  95. makes this economy work. Whats more, the economy has been founded on
  96. the continued output of a finite group of hackers. For the most part,
  97. founded on those hackers that came out of the underground scene at their
  98. technical prime.
  99.  
  100. But these hackers are not going to continue their production
  101. indefinitely. They will lose their technical edge, move on to other
  102. industries, perhaps climb the ladder up to management, and then
  103. retire. The question is, then what? Then it will be up to the new wave
  104. of young security professionals, whose motivation is as much financial
  105. as it is passion for the technology and the thrill of the hacking game.
  106.  
  107. To imagine that these new wave office workers, university trained and
  108. disinterested, can match the creative output of a genuine hacker is
  109. laughable. The industry will stagnate under these conditions. The rapid
  110. technical advancement we have seen will end, no more breakthroughs:
  111. no more new security products or services. Just the same old techniques
  112. being rehashed again and again until the rock has been bled dry.
  113.  
  114. I am trying to show you the symbiotic nature of the security industry
  115. and the hacking scene. Industry needs insecurity to survive, there is
  116. no doubt about this. A secure and stable Internet is not profitable for
  117. long. Hackers provided instability, change, chaos. So the industry became
  118. a parasite on the hacking scene, devouring the talent pool without giving
  119. anything back, not thinking of what will happen when there are no more
  120. hackers to consume.
  121.  
  122. For this reason, the security industry, much like the hacker underground,
  123. is doomed, perhaps even destined for failure. But for now, all that
  124. matters is that we have a thriving industry and...
  125.  
  126. A hacker underground proclaimed to be dead.
  127.  
  128. --------------------
  129. Black Hat, Two Faces
  130. --------------------
  131.  
  132. It would be easy to lay the blame squarely on the shoulders of the
  133. security industry. A lot of people have. Unfortunately, its not that
  134. simple. Perhaps the underground could have survived without the lure of
  135. a six figure job, but one thing should be made clear. The self-proclaimed
  136. black hat movement does nothing to help.
  137.  
  138. Various black hat groups have claimed to be the voice of the underground,
  139. but the black hat scene was only ever a pale imitation of the actual
  140. underground. The underground wasn't at all interested in public
  141. self-aggrandizement, but this is all the black hats ever did. All that
  142. their various rants and escapades accomplished was to show how desperate
  143. they actually were for fame and recognition.
  144.  
  145. But whats worse, while they often talk a big game, they very rarely have
  146. the pedigree to back it up. This is mostly because these self-proclaimed
  147. black hats are really just as self-serving as the white hats they pretend
  148. to detest. With few exceptions, those black hats that aren't already
  149. working in the security industry are those that don't have the skills
  150. to cut it.
  151.  
  152. The entire anti-security theme was simply embarrassing. This was just the
  153. black hat movement admitting that they couldn't step up and represent
  154. in an increasingly technical world. Where once hacking skill commanded
  155. respect, now the black hats were promoting misinformation in order to
  156. make what few hacks they managed to pull off easier. They couldn't step
  157. up to a challenge, they couldn't outsmart the white hats they so detest.
  158.  
  159. This ineptitude and misguided fervor of the black hat scene had a
  160. massive negative impact on the hacking underground. The true voice of
  161. the underground was lost behind the noise and drama, until the voice
  162. became a whisper.
  163.  
  164. And then eventually fell silent.
  165.  
  166. ----------
  167. Technology
  168. ----------
  169.  
  170. The very nature of technology, a dynamic and intractable force, had a lot
  171. to say in the demise of the hacking world. In many cases, if a black hat
  172. had been active 5 or 10 years earlier they would have been technically
  173. competent and may well have contributed significantly. This is because
  174. with the utmost respect, and despite all the nostalgia, hackers of the
  175. past had it easy.
  176.  
  177. In the early years, the problems hackers faced were largely related to the
  178. availability of information. Isolated groups of people had their tricks
  179. and techniques, and sharing this information was problematic. This is
  180. in direct contrast with the situation today, where there is an excess
  181. of information but a void of quality.
  182.  
  183. As a result of many differing factors, the world is becoming aware of the
  184. threats posed by lax security. When there is money at risk, steps will
  185. be taken to protect those assets. We see now an increasing move towards
  186. technical security mechanisms being employed as part of a defense in
  187. depth strategy, and as a result, to be a hacker today requires immense
  188. technical ability in a broad range of disciplines. It takes years of
  189. individual study to reach this level.
  190.  
  191. But unfortunately, fewer and fewer people are willing, or indeed capable
  192. of following this path, of pursuing that ever-unattainable goal of
  193. technical perfection. Instead, the current trend is to pursue the lowest
  194. common denominator, to do the least amount of work to gain the most fame,
  195. respect or money.
  196.  
  197. There has also been an increasingly narrow range in what is published. In
  198. part this is because of the lack of accessibility of certain systems
  199. (through obscurity or price), but this is also increasingly dictated by
  200. fashion. In a desire to fit in with the community, to be accepted in
  201. to conferences, to be seen doing the right things in the right places
  202. with the right people, researchers are all too happy to slot in to this
  203. pattern of predictable and narrow progress.
  204.  
  205. And even then, the standards of what makes acceptable research, or for
  206. what makes a vulnerability interesting, drops with every year. The gap
  207. between offensive research and defensive implementations continues to
  208. grow, to the point where public vulnerability research has become a
  209. parody of what it once was, a type of inside joke.
  210.  
  211. There is no creativity, no sense of arcana anymore.
  212.  
  213. ---------
  214. Criminals
  215. ---------
  216.  
  217. From Operation Sundevil to cyber terrorism. The criminalization of
  218. computer hacking and, by association, computer hackers had a devastating
  219. impact on the underground. Hacking was criminalized in two ways, both
  220. of near equal importance: by legislation of computer crimes, and by the
  221. new trend of genuine criminals using hacking as a method for fraud.
  222.  
  223. There should be a clear separation between these two things. The fact
  224. that the underground collectively became criminals under the law for
  225. what they had been doing for, in some cases, decades. And the fact that
  226. in public perception, even among professionals that should know better,
  227. there was very little distinction between a genuine hacker and those
  228. criminals using hacking purely as a method for profit.
  229.  
  230. Indeed, little of what organized crime and terrorist/activist groups
  231. are doing could justifiably be labeled hacking. It is simply convenient
  232. to make this simplification, in media and in industry. The security
  233. industry knows the difference, but they have no economic interest in
  234. there being any clarity on this point. Any sort of hacking, anything
  235. they can sensationalize enough to scare their profit margin up suits
  236. them perfectly.
  237.  
  238. For the underground, these issues largely affected individuals, not the
  239. broader structure of things. Each person had to make a personal decision
  240. on whether it was worth 1) being seen as a criminal under the law and
  241. 2) being seen as a criminal in public perception. Why should the hacker
  242. face this when such an easy, safe, respectable alternative is available
  243. in the security industry?
  244.  
  245. Even the term black hat has been twisted into something more closely
  246. aligned to organized crime. For all their faults, black hats were not
  247. (in theory) motivated by this type of money.
  248.  
  249. It comes down to an aging hacking population deciding, on an individual
  250. basis, to settle down with their families, their material possessions,
  251. their careers. No one can argue that there is anything wrong with this. It
  252. is just a fact that these hackers left the scene behind.
  253.  
  254. Leaving a void too large to be filled.
  255.  
  256. ---------------
  257. Forgotten Youth
  258. ---------------
  259.  
  260. The forgotten aspect of this whole story is, without doubt, the importance
  261. of new talent entering the world of hacking. Historically, hacking has
  262. belonged to the young. With every passing year, the average age of hackers
  263. collectively increases. Some would claim this is a sign of a maturing
  264. discipline. For surely, what could youth possibly contribute in this
  265. technological landscape? They call them kids, dismiss them as irrelevant.
  266.  
  267. Despite all of the issues facing the underground, if hackers had managed
  268. to get this one aspect right, if they had recognized the importance
  269. of those who would come after them, if they had given them something
  270. to aspire to be, if they had directly or indirectly taught them the
  271. accumulated wisdom that so often separates a hacker from the crowd;
  272. then perhaps there still would be a hacker underground.
  273.  
  274. Nearly all of the situations surrounding the disestablishment of the
  275. underground were circumstantial, there was nobody to blame, and nothing
  276. that could be done. But one point for which this was not true was the
  277. underground's obligations to young hackers. An entire generation of
  278. talented hackers have lost the opportunity to become a part of something
  279. bigger than themselves by participating in a functioning hacking
  280. community, simply because hackers were too self-absorbed to notice.
  281.  
  282. The decline of the underground scene happened relatively quickly, and
  283. also relatively quietly. The hacker who left the underground behind
  284. for his new life was unlikely to justify or explain his choices. In
  285. fact it was more likely he would deny being changed at all. It's likely
  286. he'd even continue to have contact with his fellow ex-hackers, in some
  287. imitation of the underground scene. This only helped to obscure what
  288. was actually happening.
  289.  
  290. Today's youth, for the most part, have no true understanding of hackers
  291. or hacking. They have no knowledge of the history, no knowledge that
  292. a history even exists. Their hacker is the media's hacker, the cyber
  293. terrorist, the Russian mafia. This is unfortunate, but the real trouble
  294. begins for those few that somehow become interested enough to look a
  295. bit deeper.
  296.  
  297. The average person requires some form of role model, something to aspire
  298. to, to imitate and to an extent, to idolize. At this time, the only
  299. visible efforts were the white hat researchers, the black hat horde or
  300. various other technically inept self-proclaimed 'experts'. There is so
  301. little inspiring research, and even less inspiring hacking, that anyone
  302. new to the world of hacking is almost invariably left with a skewed
  303. impression of things.
  304.  
  305. Indeed, for a lot of the young people that managed to acquire the
  306. necessary technical base, hacking was seen as simply an interesting career
  307. path. There is no passion in these people, no motivation to extend and
  308. create. A competent professional, valued employee.
  309.  
  310. But no longer a hacker.
  311.  
  312. ----------------
  313. The Forward Link
  314. ----------------
  315.  
  316. The hacker underground has been systematically dismantled, a victim of
  317. circumstance. There was no reason for this, no conspiracy, no winner. A
  318. conquered people, but with no conqueror, no enemy to fight. No chance
  319. of rebellion. Conquered by circumstance, if not fate.
  320.  
  321. At first this would seem to be a bleak message. What is the point of
  322. even trying anymore? Why practice a dead art? But the truth is that the
  323. art is not dead, just the circle that brought the artists together. The
  324. hacker underground is broken, but the hackers are not.
  325.  
  326. Casualties have been high; but there still exists a scattered,
  327. marginalized, and misrepresented people who are the hackers. Hackers,
  328. not black hat nor white, not professionals, not amateurs (surely none
  329. of this matters), are still out there in this world today, still with
  330. all the potential to be something great.
  331.  
  332. The question is not then how to artificially group these people into a
  333. new underground movement. The question is not how to mourn the passing of
  334. the golden days, how to keep the memories alive. There are no questions
  335. of this sort, no problems that can be solved or corrected by individual
  336. action.
  337.  
  338. All that remains is to relax, to do what you enjoy doing; to hack purely
  339. for the enjoyment of doing so. The rest will come naturally, a new
  340. scene, with its own traditions, culture and history. A new underground,
  341. organically formed over time, just like the first, out of the hacker's
  342. natural inclination to share and explore.
  343.  
  344. It will take time, and there will be difficulties. Some will not be able
  345. to let go of the past, and some will fail for not remembering it. But
  346. in the end, after everything has been said and done, the equilibrium
  347. will be restored.
  348.  
  349. A new world, at the frontier of cyberspace, belonging to the hackers
  350. by right.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!