1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Found this nice little chat about Anonymous and hacking, what do you think?

Discussion in 'BlackHat Lounge' started by alesulx, May 17, 2015.

  1. alesulx

    alesulx Newbie

    Joined:
    May 22, 2014
    Messages:
    22
    Likes Received:
    2


    Comment nr.1: Hacking is exploring the limits of what is possible, thereby doing something exciting and meaningful.

    Comment nr.2:

    Interesting way to put it

    Comment nr.3: Hacking is fun , until u ruins somebody life its become crime .
    If you are a white hat hacker there is no way for you to ruin somebody's life. Black hat hackers, however, use hacking to their advantage and abuse it in every way possible.Groups like Anonymous are on the line between white hat and black hat: their goals are concidered white hat as they are simply trying to prove a point, yet they cause millions of dollars in destruction to servers etc which makes them black hat hackers.
    Anonymous is/are formed groups of like minded individuals to succeed in common goals or missions, similarly to activists, protesters, or a voice. Not a real group and has no actual leadership. Which is rather different than just hacking as it involves much more than just IT if even at all. Even though the majority of Anonymous' goals being birthed from internet based media outlets like ***** and other ideals. The 414s would be better example of a mixed hat hacker group who really did no malicious harm. Due to the legality of methods deployed by Anonymous to prove their points, they are perceived and labeled as Black Hat. Regardless of them expressing internet activities as a freedom of protest, they are done so of the majority with malicious intents (DDoS).There is however a classification for Grey Hat hackers, to which fall somewhere between purely altruistic (White) and purely malicious (Black) very much so like the 414s. For example a Grey Hat may find an exploit but not use it illegally and not divulge it to others. White Hats are usually employed as "penetration testers" to find/fix exploits and test security. Black Hats will attempt to use and share an exploit for personal gain or malicious use of some form. Whereas Grey Hats are usually wanting to learn how the system works and what they can make it do. For example allowing me to bypass a two-step authentication requirement to access my own account, but not use or share those methods to gain access to others.

    I am interested what these guys do all day, and if they help others and if they are among us on BlackHatworld.
     
  2. alesulx

    alesulx Newbie

    Joined:
    May 22, 2014
    Messages:
    22
    Likes Received:
    2
    Another comment : First: I am not an expert on information security. I'm an amateur cryptographer which a bit of a side interest in infosec.

    But having been learning stuff as a hobbyist for years...

    Learn the architecture of the stuff you're interested in. Figure out where the working parts are and read security advisories to learn about common breaks. You want to target applications? Learn about common memory bugs and leveraging them. You want to target code that uses self-modification to obscure its features? Learn reverse engineering (including how to read machine instructions on your target architecture, whether that's intel, ARM, etc, etc. You're curious about web application security? Learn about network architecture, network protocols, databases, common implementation security problems. You want to target the OS? Learn about how your operating system works, what sorts of security features it implements, and so on. Android? read widely about the DVM, bytecode, and the booming mobile malware industry.

    More than any particular programming language or technique -- and I think this is probably pretty clear from the example given in the video above of a house with an expensive lock and the windows open -- computer security is about understanding the various levels of architecture (ie: how things are put together) people actively develop attacks from as raw a level as sniffing RF radiation given off by components up to forcing faulty random number generation to break cryptography, to using different error messages as an oracle to reveal part of a user's secret information to using inadequate input checking in applications to hijack the process altogether).

    TBH, there's far too much of all of that potentially to learn, even if you were doing it as a full time job. So pick a piece of computer technology you're interested in and start poking at it to see how and when it fails and what you might be able to do to make use of that.

    This must be useful to somebody.
     
  3. hekke

    hekke Senior Member

    Joined:
    Jan 31, 2014
    Messages:
    984
    Likes Received:
    2,091
    Location:
    Sweden
    Anonymous is not a group so you cannot say what "they" do. Some are showing the flaws in the system, sometimes in softwares but also in society. While some just demonstrates for freedom on internet. Companies should, according to me, be thankful that people show them their weak system so that they can improve it for the better.

    I help people find the best service, using black hat methods. What am I?
     
  4. alesulx

    alesulx Newbie

    Joined:
    May 22, 2014
    Messages:
    22
    Likes Received:
    2
    Grey in my opinion.
     
  5. acidol2

    acidol2 Supreme Member

    Joined:
    Sep 8, 2011
    Messages:
    1,322
    Likes Received:
    835
    Location:
    My Successful Future
    I was sitting here for a few minutes waiting for a YouTube video to show, thinking Flash player was just lagging.
    Then I realized the text was all black....
     
    • Thanks Thanks x 4
  6. alesulx

    alesulx Newbie

    Joined:
    May 22, 2014
    Messages:
    22
    Likes Received:
    2
    First hint found :)):pirate14:
     
  7. greyhat91

    greyhat91 Newbie

    Joined:
    May 18, 2015
    Messages:
    29
    Likes Received:
    11
    interesting stuff, though I think we've all heard it before