Home > Computers & Technology > Internet > Internet Security & Safety > Hacking
Does it take a hacker to catch a hacker?
Results so far:
| Yes | 75% | 258 votes | Total: 344 votes | |
| No | 25% | 86 votes |
Yes
by Art Redwood
Created on: June 23, 2008 Last Updated: July 15, 2011
I read a very well known and respected Linux publication regularly, I love the informative, timely and well researched articles that appear on their pages, but it was the editorial page that caught my attention the other day, they where describing that their site had been hacked, and there was a little light hearted banter in the editorial between the boss and the subordinate that administered the site, about the application of security patches and certain OS upgrades, that would have prevented the attack in the first place.
It was the white hackers or the authors and owners of the site and mag, that found out that there was malicious code inserted into their site by a black hacker, and not the ordinary net citizens, that regularly log into the site to catch up with the latest community gossip.
I use this analogy of white and black to illustrate that within the hacking community there are usually two distinct camps of people, the black hacker's are those that want to do harm, or are inquisitive to the point that they become a nuisance to site administrators, and the white hackers are comprised of the developers and community minded individuals, that consistently repair, patch, upgrade, inform and generally secure the underlying OS, that your computer hardware hosts, that makes computers manageable and usable for the rest of us.
I consider myself quiet experienced in the running of a computer and the peripherals that accompany it, but when it comes to deciphering the code that constitutes a DoS attack on someones site server, or home computer, (and I've tried to read a few of them,) it leaves me with an all too familiar blank look on my face, I have read with great interest how one hacker caught another hacker that had intended using his site to host bots that where to be used in a DoS attack on other internet servers, by tracing log files, traffic, his own ingenuity and some damn fine coding, to the point that he turned the tails on the (black) hacker so that he was the one that eventually got hacked.
Now if that was me and remember I consider myself quiet good, I would never have even realized that my site or system would have been comprised in the first place, you need someone who is familiar, intimate and fluent in the most inner working of computer languages to help guard those of us that are lees blessed in that department, so that we don't fall fowl to their dark machinations.
It would be interesting to see how Johnny-come-ordinary-net -citizen would handle or combat a VMBR on their system without the help, guidance or coding skill of a white hacker or developer to combat the malware infection, as the Mums or dads of the world wouldn't even know they've been infected, or a running a compromised system ,that is until they go to take some money out of the bank, and it's then and only then that they realize that all their hard earn savings have been stole, by the key logger, that's been inserted into their system, and it has been lodging and sending all that information, to the author of the VMBR malware, since their system first became infected.
How do they combat that? they can't, as usually they have just enough information to start a computer, and navigate a few certain sites, that family, friends or work colleges have told them they should visit, they blindly trust and believe that the security software that's been on their computer since the day they bought it will protect them even though it's never been updated, or the trial ware has just plain expired and their been running an unsecured system since.
No, to catch a hacker (black or gray), you need hacker, to combat them. The recent SSL security issue within the Linux community would only confirm that. As to untrained eyes everything was fine security certificates appeared valid, and trustworthy and people could do and conduct business as usual, but it's only to the trained code ordinated eyes, did it become apparent (although painfully too late), that the code and the underlying security implications of the vulnerable certificates and the black hacking communities intentions to exploit them necessitated a quick and concise fix, but not by a community of untrained individuals, but rather by skilled hackers, who are passionate and dedicated to their craft.
Learn more about this author, Art Redwood.
Click here to send this author comments or questions.
No
by Elizabeth M Young
Created on: February 23, 2010
It is common belief that hacking is such a highly skilled and esoteric field that the average person could not possibly catch one. There is a presumption of skills equivalency that would be required for a hacker to be caught, and that is how most of them get caught: they are arrogant and believe themselves to be invisible and invincible to the average person or to the vulnerablities that we all have in life.
And it is quite true in the vast majority of cases that we are not able to catch any hackers!
But, the fact is that chance, serendipity, simple training, divine intervention, luck, and the odd encounter can be as effective in catching a hacker as the most dedicated efforts of an obsessed anti hacking professional. A car crash, where the hacker is caught with piles of material that indicate criminal hacking activity can be caused by a drunk driver who does not even own a computer.
Hackers have to operate at some point in society. They have to shop, have bank accounts, drive cars, get the plumbing repaired, go to the hospital, and they have to conduct phishing and social engineering expeditions. The well trained and ready Luddite can easily apply knowledge of what to look for in situations that do not involve computers at all, especially in the area of personal and job related security.
This is not to ignore the fact that hackers operate on a financial and skill based scale that few of us can comprehend, let alone do battle on, but it is often the little things in life that bring down the most sophisticated and powerful of operations. In some cases, governments are behind the hacking at the same time that they are busting hackers. This is far over the average head.
Given the choice between learning what it takes to catch a hacker and having a force of hackers to catch the hackers who infest my computer, I would choose the latter. I simply cannot afford the learning curve, or the equipment and resources that are needed.
As a result, it would be preferable to have a combination of training in preventing my own computer from picking up viruses, not using online banking or other services, and to let the professionals do the detective work. It would be good to have one coherent place to get information about the latest cyber attacks that are relevant and customizable to local and personal preferences.
Learn more about this author, Elizabeth M Young.
Click here to send this author comments or questions.
Write and get published
Share with other writers
Polish your freelancing skills
Quality articles from proven freelancers
Exclusive rights, fast turnaround
Brand engagement, business blogging -- our writers do it all
INFORMATION
Copyright © 2002-2012 Helium, Inc. All rights reserved.
Helium.com: A Service of RR Donnelley