Poking around on various “hacker” forums, this sort of thing is a common sight:

If I had the stamina and will to maintain a “skiddie clown quote of the day” for any length of time, this would be a prime candidate.  Especially this part:

im sick of being hacked ive done nothing wrong expect steal about 200 passes

Looking at posts like this got me to thinking about this scene’s combination of wanting to learn about “hacking”, inexperience, and the desire to do something immediately “fun” (important point: they want to jump straight to 0wnage, with a minimum of time studying how).  It reminded me of a phenomenon I was seeing on forums like this a while back, where members were becoming aware of the CSIS and SANS US Cyber Challenge competitions:

These challenges are geared towards high school students and undergraduates, and it gives them a interesting and competitive outlet for exercising skills that might otherwise be used for more script-kiddie-like endeavors.  In addition, it helps give them motivation to learn new skills that’s missing when you have an entire Internet’s worth of computers out there that have vulnerabilities you already know how to exploit.  In a recent interview with Forbes, the director of SANS, Alan Paller, stated the logic behind this kind of competition well:

“Offense must inform defense,” he says. “We’d like it to be just training defenders, but if they don’t know how attacks are performed, they’ll be incompetent.”

It might work, too.  If the structure of this training (which is still in its infancy) is good, and it’s interesting and challenging enough, then it could be possible to leverage script-kiddie-level skills into something useful.

It might work, too.  If the structure of this training (which is still in its infancy) is good, and it’s interesting and challenging enough, then it could be possible to leverage script-kiddie-level skills into something useful.

This might be what some of the people on these forums are looking for.  I’ve already witnessed an entire “hacking group” that normally occupies themselves with web defacement split into teams and sign up for the DC3 forensics challenge.  On another site, I noticed that GhostExodus, before he was arrested, had signed up for the DC3 challenge as well, as had XXxxImmortalxxXX (the guy who bragged to me about GhostExodus’ hacks).

Maybe in the near future, activities like the US Cyber Challenge will get people like this on a productive path before they wind up getting into trouble.

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

   
© 2012 McGrew Security Suffusion theme by Sayontan Sinha