Monday, 1 August 2011

Security of your shit

I've been recently watching this whole LulzSec, Web Ninjas, The Jester etc. hacking theater. And i must say i'm impressed how much bullshit is there just waiting to be uncovered.

First of all, you guys don't get any of my respect as hackers. LulzSec are just script kiddies. "The Jester" is no less a script kiddie than LulzSec, and he has a dumb alias. Web Ninjas, Team Poison and all those "doxerz" trying to uncover each others identities... Same. Lame attempts at trying to prove the world that they have any meaning. All in all, classic case of unwarranted self importance.

However, LulzSec do earn my respect as human beings. IIRC they didn't claim that they were uber-cool hackers. In fact, their actions show quite the opposite - the security of the guys they "hack" is SO lame that even a moderately motivated script kiddie can hack it. This mass "hacking" spree happens not because they are good at what they do, but because the security on the other side of the wire is so incredibly poor that even a script kiddie can "hack" it on a daily basis. They show that people don't understand the implications of Internet, and underestimate the importance of online security. In fact, i know first hand that managers are often very reluctant to provide additional funds for anything related to computers, thinking that it's a complete waste of time and money. Security? What security? Get back to work, asshole. Hell, a lot of system administrators, programmers, web designers and the like are doing what they are not supposed to do (fixing chairs, cleaning toilets etc.), because management doesn't understand that if a sysadmin does nothing - it's because he's a brilliant sysadmin and everything works as intended.

These hacks also show how reluctant are people to change passwords and engage in basic online hygiene. I think part of the reason is because it's not convenient. I mean, there is no easy way to remember the passwords and share them across multiple devices. Yes, many people hate the very idea of passwords and use words like "madrid" or "1234" for passwords, but those of us savvy enough to know about the risks still don't do that - because there is no easy way to do that. Only recently, when i switched to Kubuntu instead of Windows i started to employ these techniques. But anyway, back on topic.

The Jester is a narcissistic idiot suffering from severe delusions. You know, your typical "MERIKKUH!!!" guy, which just happens to have some rudimentary "hacking" skills. American patriotism my ass. OK, so waging completely pointless wars is OK, but uncovering people who help americans fight against their own country is not acceptable? Yeah, right. Somehow i think that "the jester" isn't really a hacker, and is not even a real person. Everything about him looks too "hackerish" for him to be a real hacker (or even a real person). More likely it's a media bait, something to newspapers to write about and Joe Sixpack to read (sure it sounds scary for a dumb fuck to read about the mysterious hacker which calls himself The Jester).

And did you read his blog? Yes, the dude actually has a blog! And an IRC channel dedicated to his precious self! Well, twitter account goes without saying, although this "JESTER ✔ Genuine" looks incredibly lame. All in all, lame blog full of graphics and formatting (incredibly hard to read, dude, srsly, get a real web designer!), self-admiration, narcissism, narrow-mindedness, self-righteousness and pretty much all the things i hate about people. Real hackers don't ever do that. Take a look at personal pages of ANY knowledgeable person in IT - FLOSS project participators, software developers... Take a look at - does it look like Christmas? It doesn't. Because these people don't have time for narcissism, they do actual work and they know their stuff. So yes, "jester" is just another script kiddie, coupled with your typical redneck american patriotism attitude and a desire for (undeserved) fame.

And all these "doxing" attempts by both The Hamster and other idiots (Web Ninjas etc). Do you really think gathering a bunch of ratted out IRC logs, tweets and whois entries isn't lame? It is lame. It's what Anonymous were doing for years without calling themselves "hackers". You gotta do more than that to impress me.

No comments:

Post a Comment