Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 0:  Read.Me

Previous Topic/Section
0.1  You’re saved….If
Previous Page
Pages in Current Topic/Section
1
Next Page
0.3  Security Tao
Next Topic/Section

0.2  Hacker vs. Cracker

Language is a fluid thing. In days of old (in Internet Time) a hacker was a person who studied for possible vulnerabilities in a system and reported the results. A cracker was a term for someone who did bad things to a system once they discovered some vulnerability or came upon the work of a hacker’s results. http://www.hackers.com/ is on a mission to be a seeker of knowledge without the destructive use of this information. As people who need data to successfully perform in a Security+ role, the goal of hackers.com is in alignment with our needs. Given that, we understand the need to help show language differentiation and support their goals. Hacker is a knowledge seeker. A cracker is the bad guy seeking to hurt you.

We make our point with the RFC included below. In case you are wondering, RFC stands for Request for Comments. This is a process in which a thought is proposed on how to do something technical on the Internet, such as transfer files, access remote systems or route packets among networks. There are thousands of these entries, and some of them are just plain funny. This particular RFC is humorous and still makes the point. The original memo is plain text -- emphasis has been added.

[spacer]RFC 968

Network Working Group V. Cerf

Request for Comments: 968 MCI December 1985

'Twas the Night Before Start-up'

STATUS OF THIS MEMO

This memo discusses problems that arise and debugging techniques used in bringing a new network into operation. Distribution of this memo is unlimited.

DISCUSSION

Twas the night before start-up and all through the net,
not a packet was moving; no bit nor octet.
The engineers rattled their cards in despair,
hoping a bad chip would blow with a flare.

The salesmen were nestled all snug in their beds,
while visions of data nets danced in their heads.
And I with my datascope tracings and dumps
prepared for some pretty bad bruises and lumps.

When out in the hall there arose such a clatter,
I sprang from my desk to see what was the matter.
There stood at the threshold with PC in tow,
An ARPANET hacker, all ready to go.

I could see from the creases that covered his brow,
he'd conquer the crisis confronting him now.
More rapid than eagles, he checked each alarm
and scrutinized each for its potential harm.

On LAPB, on OSI, X.25!
TCP, SNA, V.35!
His eyes were afire with the strength of his gaze;
no bug could hide long; not for hours or days.

A wink of his eye and a twitch of his head,
soon gave me to know I had little to dread.
He spoke not a word, but went straight to his work,
fixing a net that had gone plumb berserk;

And laying a finger on one suspect line,
he entered a patch and the net came up fine!
The packets flowed neatly and protocols matched;
the hosts interfaced and shift-registers latched.

He tested the system from Gateway to PAD;
not one bit was dropped; no checksum was bad.
At last he was finished and wearily sighed
and turned to explain why the system had died.

I twisted my fingers and counted to ten;
an off-by-one index had done it again..

Vint Cerf, December 1985


[spacer]The Personality of a Hacker

A recent study was released on the personality of a hacker. Quoting InfoSecNews
22:

“In a study consisting of a questionnaire and longer-form answer section started at the hacker convention H2K and Def Con 8 in 2000, Bernadette Schell, dean of Business Information Technology, University of Ontario Institute of Technology and John Dodge, professor at the School of Commerce and The Department of Math and Computer Science at Laurentian University, profiled 216 hackers and their style of thinking, coping with life, and problem-solving.”

The researchers found that the respondents, whose median age was 25, have "extremely low" tendencies towards terrorist and obsessive traits and possess "relatively balanced temperaments,” according to Schell.

“Respondents also tested as particularly creative,” she said, noting that the top score for creativity was 20 and that 62 percent of those polled scored 15 or higher on the test.


The combination of creativity and problem-solving styles revealed a commonality between hackers and a group that might not expect they have much in common with hackers: corporate presidents and chief executive officers. “The combination of analytical and directive problem-solving styles is shared by both hackers and corporate executives,” Dodge said.

I used to be very positive about InfoSec News. I would forward articles and would be Johnny on the Spot when they asked for cash donations. Well some news organizations plant tracking cookies when you visit their news site. I had put that in the comments when forwarding a security article. They took the comments out and posted the article. After this happened twice, I told them I would no longer forward articles if they we going to remove the warning of tracking cookies. I did not get a response, so I don't send in articles anymore. Nor do I send in cash donations either. It simply does not seem responsible to be talking about privacy and security yet ignoring tracking cookies.


 __________________

22. http://www.c4i.org/isn.html

Previous Topic/Section
0.1  You’re saved….If
Previous Page
Pages in Current Topic/Section
1
Next Page
0.3  Security Tao
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.