EvilZone

I found this free book online. Finding it informational and accessible, I decided to post it here. I can't vouch to the accuracy or completeness of the materials, but it seems like a decent text. Perhaps a more knowledgeable hacker can take a look and tell me if it's quality material.

http://pages.cs.wisc.edu/~remzi/OSTEP/

Yeah, I'm trying to run client-side, since I can't use Java in my browser right now. I seem to recall before that I needed to connect SSL to get in, maybe because of some glitch on my end. Can you PM me the SSL password if you have it? I can't seem to recall what it is.

An interesting concept. I wonder, is it possible to create a script that will make your computer "disappear" from the network as though turning off and then "reappear" as a new machine with a new MAC address and name chosen from a list, without having to reboot? Furthermore, if that is possible, is it then possible to create a program that could run in the background and switch your MAC address regularly - say, once every ten or fifteen minutes? This could make it appear as though you are in fact a string of different customers in, say, a coffee shop. Even better would be if it could sign-in your next MAC address a few minutes before signing out your current one, the better to fool people looking at the connection logs. A simultaneous termination of an old connection and creation of a new one might look suspicious.

Yeah, everybody loves a good DoS attack for no apparent reason. Skiddies are fun to have around. Sometimes I even put out food for them - cheesy party mix works best. It's not required for sightings, though. Most of them leave their webcams on, so you can get pictures that way.

Any user here could have told you that. Thanks Cpt. Obvious.

Hey, be fair - I couldn't have. I'm eighteen and idealistic. Maybe you guys can help me out with the naivete thing. You all seem to have a lot more life experience. That's one of the reasons I come here: to learn from those with more wisdom and experience than I.

Vezzy,

I hear what you're saying, and it makes a lot of sense. I find myself torn between two conflicting views of the NSA: one in which it is composed of ordinary people like you and me whose only fault is that they went too far in the pursuit of terrorism suspects and became so focused on the objective that the legality of the means became secondary to it and accepted as such (i.e., "blinded by the cause" or "wrong things for the right reasons"), and a second in which the NSA is controlled by power players higher up who use it primarily for their own competitive gain and to ensure that they remain in power (i.e., controlled by "silhouetted figures" found in spy movies). I hear you arguing the latter case.

The truth is, I think both views have merit. I think it entirely possible that there are good people in the NSA - people who devote their lives to keeping America safer by their actions. I think in many ways the NSA can be said to contain some of the best people on the planet. Whether or not such "shadow figures" exist in the upper echelons of the organization, I believe that most of the NSA's employees are genuinely convinced that they are serving the greater good. As Ed Snowden put it, a lot of his colleagues were shocked by the documents and evidence he showed them. I think this is evidence that the organization itself is not pervaded by widespread corruption, and as Snowden says, we should not automatically demonize the NSA. There are real threats out there, and these people believe they are protecting us from them. In fact, they very well might be. I really don't know.

In order for a body composed of mostly honest people to go so wrong, I think there has to be a deception at some point. I think these people may have been deceiving themselves into thinking that the end justified the means, and without proper oversight, that group mentality is all to easy to fall into. The cause is greater than this, greater than that, more important than privacy, above the restrictions that apply to other causes because it is a worthy one. I think this is a natural mistake, and one we can and should forgive. What I am unsure about is whether there are power players at the top.

I freely acknowledge that many politicians are corrupt, whether they realize it or not (and I get the sense that a "somewhat" corrupt politician can think of himself as honest, or at least "mostly honest" or "honest enough" to be a good person, and gradually begin a slide down a slippery slope of increasing "white lies" until the lies become neither small nor harmless). I also acknowledge that many of these people are well aware that what they are doing is illegal, and probably also that it is wrong, but many of them will be plagued by guilt. It is the ones who are aware of their crimes and who feel no guilt about their deceit and manipulative control of the power structure who truly scare me. People like Putin, for instance, who are clearly corrupt and do not even sometimes try to hide it. I worry about such people, and more so I worry about people who are equally as corrupt and far less public about their power - the so-called "shadow figures" present in spy movies. I wonder if such people exist, have to conclude that they probably do, and then begin to worry about what they might do with all this data. As I do so, I start to believe my initial post was a bit naively optimistic, and I thank you for correcting my thinking. But I also encourage you to remember that we are set in opposition to the man, not his naively deceived underlings, otherwise mature and responsible as they may be. I quote the Lord of the Rings: "but they were all of them deceived..."

Anyway, let me know your thoughts. I love hearing what you guys think.

Lucid,

I hear what you are saying, friend. Please read my response to Vezzy if you have the time; if you don't, merely know that I acknowledged my own naivete. That's why I come here. You guys keep me honest and tell me when I've managed to stick my head up my ass in glorious Full HD.

I would argue now (having changed my position after reading yours and Vezzy's arguments) that the only thing protecting us from the NSA and the people who control it is the fact that at the moment we are insignificant to them - not worth their attention. I think the best thing we can do to try and change that threat to us is to make sure the people inside the system who are not corrupt, and merely deceived, are aware of the deception and working to change it. We need more people like Ed Snowden to wake up to the threat and try to put the brakes on. The problem is, though, I worry that the plots of the rich and powerful may be insidious, and easily reformulated to work around the threat of public perception. If we reform the NSA, I worry that they will find other ways of making their presence felt.

Everyone else,

I suppose that in a nutshell I should revise my earlier statements to reflect a different sentiment you have helped me to appreciate:
I am not afraid of the NSA; I am afraid of the people who control them.

Staff note: God damn triple posting, r u srs!?

Why I don't hate the NSA

According to Edward Snowden, the NSA is spying on us. Right now, they could be reading what I’m typing, listening to the clickity-clack of keys via my smartphone, which is sitting on the desk, and even taking pictures of me with my webcam. It’s a terrible invasion of privacy, to be sure, but I’m not sure I really mind. Here’s why: there can’t possibly be enough people in the NSA to personally monitor all of my communications. In short, they have better things to do, like follow terrorists around, and so in my opinion it seems likely that nothing other than a computer bank will ever see my data. Given how preoccupied the NSA is with security, and the fact that all of my fellow hackers are unwilling to mess with the proverbial bull lest they get the proverbial horns, I feel like any data the NSA has on me is likely to end its life there, sitting on some blast-proof and armed-guard-protected server deep beneath the Arizona desert. It couldn’t be safer, and as long as the NSA isn’t using it against me, I couldn’t really care less. In fact, I would rather they have data on me that proves I’m not a terrorist than that they fail to have data on someone else who is. It may not be ethical for them to tap my data, but it keeps me safe, and really, I have nothing to hide – especially not from a computer. Even if I did have things I didn’t want the NSA to see, I would be a fool to not encrypt them.

Furthermore, it seems foolish to suppose that the NSA is going to come after me for anything less than treason or terrorism. That’s their job. They’re not interested in the fact that I still watch Barbie movies with my little sister. Furthermore, unless I’m a spy, and my guilt seems indisputable, I’m confident that I’ll get a fair trial in this country. If I disappeared, people would notice. Lots of people. And that’s the last thing the NSA wants. So really, there’s nothing they can do to me without losing face and potentially spawning an investigation into how they got their supposedly “incriminating” data without a search warrant. No, it is in the NSA’s best interest to leave me alone, and most probably you as well. They’d be foolish to do otherwise.

Given that the NSA has no reason to move against me unless I’m a terrorist that they can disappear without a major news event, I feel pretty safe, and safer for the fact that they are stopping terrorists with all that data. In fact, I even feel like I might want to thank them for it. If they ever change their attitude and start bullying Americans around, then it might be time to start asking questions. But so long as all they do is catch terrorists and sit on massive reams of data, what harm are they really doing? If no human being even ever sees my data, and the NSA protects it with guns and dogs and rocket launchers, what do I have to fear? This is America, after all, and not some Soviet dictatorship like Russia or North Korea. The freedom of the press, freedom of speech, and sheer impossibility of running a “secret police” operation with any degree of success make me confidant that the NSA is going nowhere with my data. In short, none of us has anything to fear.

P.S.: As one who shares the hacker mindset, I know this paper may be off-putting to many of you. I’m not arguing that what the NSA does is right or even justified (though those arguments can certainly be made and I am more than willing to listen), but rather that there is nothing to be afraid of. The government has more to lose by coming after any given individual than they could possibly stand to gain, and those in power will understand that. I encourage anyone with a counter-argument to stand up and give it; I’m always open to being proven wrong or incomplete in my analysis. Thanks for being a great community, EZ, and let the flaming commence.

P.P.S.: No, the NSA did not coerce me into writing this, nor did they pay me to do so. I have no connection whatsoever to the NSA. I just thought I'd get that out of the way before someone went and asked.

So, I was tab-flipping (compare: channel-surfing) the internet and I stumbled upon this site:

http://hackershandbook.org/

They ask $3.99 to unlock access to what seems to be a fairly good set of tutorials, and supposedly as well evidence of and data from a number of significant-looking cracks, but I am dubious, especially given the fact that some people seem to be claiming they paid and did not get access immediately. Does anyone know if the site is reputable and/or whether they are doing anything blatantly illegal or otherwise likely to have major repercussions?