Sunil Thakare :: Open Source Evangelist

Sunil Thakare's blog…

Hacking : Ethical or Unethical?

It was the time in 1990 when Intel-8088 based machines were used for most of the computational assistance on then PC-DOS from IBM and MS-DOS from Microsoft. In those days, hacking term especially used to ascertain in-depth knowledge of Operating System (OS) like MS-DOS. I still remember the use of Norton Utilities to hack in-depth knowledge of OS. How DOS loads itself from BIOS and users get work done from it. Even newbies wanna play with those fantastic utilities from Norton in those days. I’d also got an opportunity to work on such utilities while my graduation. I changed (I confess) the boot sequence of the machine in my college which starts from IO.SYS and MSDOS.SYS in first entry of partition table which caused hardware lock down which was installed on the system to control unauthorized entry without password. Was it so difficult to hack? Of-course not. I just played with FAT using Norton Disk Editor which give direct access to the disk and enable us to modify it using HEX or Binary codes. It was so simple. Does is mean that I became Hacker? No way. Hacking means in-depth knowledge of any system and how you grab it in such a way that it become necessary to understand in systematic way. Simply playing and modifying system data is nothing but cracking and not Hacking. In those years of floppy based booting machines are heavily flooded with TSRs (Terminate and Stay Resident). Virus or simply TSRs infects your system, grab the potion of RAM and works anonymously.

But the story of UNIX was different. You never get system access anonymously. The security in *nix systems is based on rights coffered on users. Hacking *nix based system means gaining strong system knowledge and becoming a good system administrator. As *nix based system have no access to general users, only PC based systems were available to general people. This fact was exploited by Microsoft and grabbed the PC based software market and made Microsoft a popular brand in personal computing. The history of virus starts here! Right from TSRs to todays viruses, spams, Trojan etc. I knew some programs used to detect such TSRs and remove them, but wait, system become unstable and rest of your work simply vanishes as it was stored in RAM. With entry of Windows 3.11, a DOS based window system by Microsoft become very popular in those days. Although it worked fine but still loaded from DOS and became sometimes unstable and high risk of data corruption. We all know the then history of Windows from 95 to todays Windows 7.

Is Hacking means exploring Windows and exploiting its registry?

The answer is NO. In first para I just explained, playing with then DOS and todays Windows is not called as hacking. India’s so-called, self-claimed #1 Hacker tells you to play with age-old, outdated, tips and tricks of so-called hacking. You know about whom I am talking…(AF!). In his speech, he claims that he hacked some of the most secured websites in India and abroad. It is true? No. Bogus. He simply cheats the innocent people especially young generation who think hacking is miracle and some sort of “Black-Magic”. If you go through his published books, you will find the hacking techniques explained as windows registry hacks. He talks about sending Trojan-horse (don’t be confused) through e-mail and acquiring access to user system. My question to this child-brain young self-claimed hacker is: Send a Trojan-horse to *nix based systems like Linux, Mac-OS etc get the work done you desired. It simply fails to run such childish methods to hack (or crack?). The comment, on this (AF’s) book, published on Amazom.com by Steven G. Bottoms as follows:

I was amazed when I finished scanning this book today. Quite frankly, I can’t imagine why it was ever published! Aside from the fact that it was published this year (2002), and aside from the fact that the author appears to have used a Windows 95 machine to do his tinkering (I won’t even give the author the respect of using the word “hacking”), this book is riddled with misinformation, inconsistencies, and uncommented source code (which incidentally only compiles, according to the author, on a version of *nix that very few people use). Any hobbyist with more than one year of experience knows AT LEAST what’s covered in this book, and they probably don’t even realize it! This book doesn’t cover ANY of the new operating systems, doesn’t take into account ANY basic security precautions that have been in use for a couple years now, and does the reader a disservice by trying to explain (poorly) what “hacker” and “cracker” means (clearly the author was trying to impress his friends with his knowledge of jargon). There are MANY more useful tomes on the market; don’t waste your money on this book! The single most useful piece of information this book contains is a single page where the URLs to SART and (I believe) CERT can be found!

Some people call him as “self promotive, script kiddi, copy paster, liar, boaster and Master communicator etc”.

Hacking requires devotion, in-depth knowledge of system, systematic way of understanding computer and it could be used to do the tasks for which it is designed.

Is it ethical or unethical?

The term ethical is falsely integrated with or attached to hacking. By definition, hacking is not unethical. You mean to say “Cracking?”. Yeah, ethical / unethical applies to cracking and not hacking. This term “Ethical” is used to market or attract hacking training courses for innocent people. So beware of such “Ethical Hacking” courses.

If you really want to become hacker, then study and exploit *nix based systems like Linux, Mac, Unix etc. Don’t become cracker, its illegal to crack the things and getting others data from a very weak system configuration or website. Don’t say “I hacked the System or Website.” Privacy means every thing which stick to legal matter”. So don’t be panic to hack (oh sorry its cracking) other data.

I’ll back with some fundamentals of “Hacking” with new posts.

Till then happy Hacking.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>