Jump to content
GoodKat

ETHICS&SAFETY

By GoodKat, in Tutoriale in engleza

Recommended Posts

GoodKat Newbie

GoodKat

Posted
Posted

One of the most integral parts of a hacker's mindset

is his/her set of ethics. And ethics frequently go hand in

hand with safety, which is obviously the most critical

part of the process of hacking and the system

exploration, if you plan to spend your life outside

of the jail.

A hacker's ethics are generally somewhat different from

that of an average Juan dela Cruz. An average Juan dela

Cruz would be taught that it is bad to break laws, even though

most do anyways. We're encouraging you to break laws, but in

the quest for knowledge. In my mind, if hacking is done with

the right intentions it is not all that criminal. The media likes

to make us out to be psychotic sociopaths bent on causing

armageddon with our PCs. Not likely. I could probably turn the

tables on the fearmongering media by showing that the average

Juan dela Cruz who cheats on his taxes is harming the system

more than a curious interloper, but WE refrain.. let them wallow...

The one thing a hacker must never do is maliciously hack

(also known as crash, trash, etc..) a system. Deleting

and modifying files unnecessary is BAD. It serves no

purpose but to send the sysadmins on a warhunt

for your head, and to take away your account. Lame.

Don't do it. Anyways, if you don't understand all of these,

just do your best to follow them, and take our word for it.

You'll understand the reasoning behind these

guidelines later.

I. Don't ever maliciously hack a system. Do not delete or modify files

unnecessarily, or intentionally slow down or crash a system.

The lone exception to this rule is the modification of system logs and

audit trails to hide your tracks.

II. Don't give your name or real phone number to ANYONE,

it doesn't matter who they are. Some of the most famous

phreaks have turned narcs because they've been busted,

and they will turn you in if you give them a chance. It's

been said that one out of every three hackers is a fed, and

while this is an exaggeration, use this as a rule and you

should do fine. Meet them on a loop, alliance, bbs, chat

system, whatever, just don't give out your voice number.

III. Stay away from government computers. You will

find out very fast that attempting to hack a MilTac installation

is next to impossible, and will get you arrested before you

can say "oh shit". Big Brother has infinite resources to

draw on, and has all the time it needs to hunt you down.

They will spend literally years tracking you down. As tempting

as it may be, don't rush into it, you'll regret it in the end.

IV. Don't use codes from your own home, ever! Period. This

is the most incredibly lame thing we've seen throughout our

lives in the 'underground'; incredible abuse of codes, which

has been the downfall of so many people. Most PBX/950/800s

have ANI, and using them will eventually get you busted,

without question. And calling cards are an even worse idea.

Codes are a form of pseudo-phreaking which have nothing

to do with the exploration of the telephone networks, which

is what phreaking is about. If you are too lazy to field phreak

or be inventive, then forget about phreaking.

V. Don't incriminate others, no matter how bad you hate them.

Turning in people over a dispute is a terrible way to solve things;

kick their ass, shut off their phones/power/water, whatever,

just don't bust them. It will come back to you in the end..

VI. Watch what you post. Don't post accounts or codes

over open nets as a rule. They will die within days, and

you will lose your new treasure. And the posting of credit

card numbers is indeed a criminal offense

under a law passed in the Reagan years.

VII. Don't card items. This is actually a worse idea than

using codes, the chances of getting busted are very high.

VIII. If for some reason you have to use codes, use

your own, and nothing else. Never use a code you see

on a board, because chances are it has been abused

beyond belief and it is already being monitored.

IX. Feel free to ask questions, but keep them within

reason. People won't always be willing to hand out rare

accounts, and if this is the case don't be surprised. Keep

the questions technical as a rule. Try and learn as much

as you can from pure hands on experience.

X. And finally, be somewhat paranoid. Use PGP (and other

strong encryption programs) to encrypt your files, keep

your notes/printouts stored secretly, whatever you can

do to prolong your stay in the hacking scene.

XI. If you get busted, don't tell the authorities ANYTHING.

Refuse to speak to them without a lawyer present.

XII. If police arrive at your residence to serve a

search warrant, look it over carefully, it is your

right. Know what they can and can't do, and

if they can't do something, make sure they don't.

XIII. If at all possible, try not to hack off your own

phoneline. Splice your neighbor's line, call from a

Fortress Fone, phreak off a junction box,

whatever.. if you hack long enough, chances

are one day you'll be traced. Don't believe

you are entirely safe on packet-switched

networks either, it takes a while but if you

scan/hack off your local access point they

will put a trace on it.

XIV. Make the tracking of yourself as difficult as

possible for others. Bounce the call off several

outdials, or try to go through at least two

different telco companies when making a call to

a dialup. When on a packet-switched network

or a local or wide area network, try and bounce

the call off various pads or through other networks

before you reach your destination. The more bounces,

the more red tape for the investigator and the

easier it is for you to make a clean

getaway. Try not to stay on any

system for *too* long, and alternate

your calling times and dates.

XV. Do not keep written notes! Keep all information

on computer, encrypted with PGP or another

military-standard encryption program.

Written notes will only serve to incriminate

you in a court of law. If you write something down

originally, shred the paper.. itty bitty

pieces is best, or even better, burn it! Feds

DO trash, just like us, and throwing out your

notes complete will land in their hands, and

they'll use it against you.

XVI. Finally, the day/night calling controversy.

Some folks think it is a better idea to call during

the day(or whenever the user would normally

use his account) as to not arouse the sysadmin's

suspicion of abnormal calling times, while others

think it is better to call when nobody is around.

This is a tough one, as there is no real answer.

If the sysadmin keeps logs (and reads over them)

he will definetly think it strange that a

secretary calls in at 3 am.. he will probably

then look closer and find it even stranger that

the secretary then grabbed the password file and

proceeded to set him/herself up with a root shell.

On the other hand, if you call during the time the

user would normally call, the real owner of the

account may very well log in to see his name

already there, or even worse be denied access

because his account is already in use.

In the end, it is down to your opinion.

And remember, when you make a decision stick

to it; remember the time

zone changes.

Words of wisdom from master Phatbooster.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...