why do people get angry at script kiddies ? WARNING long rambling post

Kev

The fact of the matter is websites get defaced and computers broken into all the time, just as there is crime in the real world, which is a lot more important. if you park your brand new convertible in some scum bag area with the doors open and it gets nicked your not going to get much sympathy when you go screaming about how awful thieves are and the like. The fact is there are people with the ability and will to break into computers just as there are thieves and murders who go around committing more serious crimes, you just have to deal with it, its a fact of life, buy car alarms, house alarms etc. For computers its the same, you balance the cost of security against the value of what your trying to protect.
so why do people posting on here keep going on about how much these script kiddies suck and what they would like to do with them if they ever caught one, and how awful it is that a company got hacked, like its some kind of tragedy that couldn't be avoided, as if companies have no responsibility to keep themselves secure. If some big company sets up some commercial website with poor security and gets defaced, its tough titty for them, if they scrimped on security (knowing full well of the dangers or in ignorance) to save some money they deserve what they get, they took the risk and they lost. On the other hand some attacking a non-comercial site such as boards.ie is just not nice and serves no purpose. Another thing, why do people insist on constantly insulting script kiddies because they are only using tools created by other more intelligent people, insulting someone not because they less smart than yourself but because they are less smart than some third person is a little silly in my book. That said, I think most script kiddies are lame ass fools who have watched hackers too many times and have just enough intelligence/skill/knowledge/whatever to download known exploits and find a venerable website (but that said if they are that stupid why aren't the caught, can someone tell me what happens after a defacement or break-in, is there any follow up ? I haven't heard of anyone being caught), but mature adults who get all worked up at idiots because they got one over on them and resort to name calling are a bit sad.

Regarding banning defacement posts, I think defacements should be highlighted as otherwise it lets companies cover them up and continue operating with an unjustified reputation for security, but posts by lame #hackers_ireland members or other assorted script kiddies using the boards to give shoutz out and highlight there defaced sites should be closed. i would assume its just as easy to delete such topics as it would be to ban them all.

---

Mr. Chuffy

ecksor

Seriously, this debate comes up about once a month here.

Bottom line, people need to be more security conscious, but that doesn't excuse breaking the law, nor does it mean that people don't have the right to feel aggrieved when people break the law.

DeVore

<font face="Verdana, Arial" size="2">
The fact of the matter is websites get defaced and computers broken into all the time, just as there is crime in the real world, which is a lot more important. if you park your brand new convertible in some scum bag area with the doors open and it gets nicked your not going to get much sympathy when you go screaming about how awful thieves are and the like</font>

Actually you will tend to hear people tut-tut and say how terrible the world is.

Also, theives are not generally held up for praise for their efforts to increase the worlds car security.

Saying that kidiots help increase security is like saying that people who throw stones through windows are helping house owners understand that their windows can be broken.

I mean Christ do you know how many people out there leave their windows unbarred!!! I mean ANYONE COULD COME ALONG AND BREAK THEM!!!

QUICKLY , QUICKLY!!
STICK A BRICK THROUGH THEIR WINDOWS TO ALERT THEM (and then run away like Homer Simpson...)

Your analogy of a car owner doesnt work either, because take boards.ie for example, we DIDNT leave our doors open, or our park our car in a "scum bag area".

We were patched up to service pack 5 and a few hot fixes. Whatever hit us was a script that exploited something new it seems.

We've patched to SP6 and hotfixes now but its made the boards unstable it seems.
It may yet cause us to have to shut down for a week. We arent sure yet.

<font face="Verdana, Arial" size="2">On the other hand some attacking a non-comercial site such as boards.ie is just not nice and serves no purpose. Another thing, why do people insist on constantly insulting script kiddies because they are only using tools created by other more intelligent people, insulting someone not because they less smart than yourself but because they are less smart than some third person is a little silly in my book. </font>

I've "hacked" about 10 websites this year. None of them are on Attrition.org, none of them were defaced, all the owners were phoned and I explained to them what was wrong.

But of course, I dont get any credit for it, no fame, no *greetz*.

Thats the real point isnt it...

DeVore.

WhiteWashMan

next time your car gets stolen come and tell me about it.....
then you will know what a pain in the ass it is.
as for saying that serious crimes are murder and robbery but that hacking is not serious because someone doesnt get hurt or something stolen.
youre on a nother planet. i think most people dont like script kiddies not because they use other peoples tools etc, but because they like to think they are brillaint and like to do things to other people that causes a lot of grief.
seriously, its like trying to justify joy riding coz your bored.
get a grip mate.
oh, and remember when your car gets stolen to come and talk to me. i'll tell you how bad the world is getting...

Hobbes

I don't get angry. I just laugh at them.

Script kiddie tends to mean a person who runs a script without realising what it does.

However I believe it can be extended to "people who don't realise the outcome of thier actions". Not knowing how a thrid party tool is no different then actually knowing and still defacing a site the same way.


Just having the power to do something doesn't make you special. It's how you use it.

btw, 2 points. We call them kidiots and script kiddies because it upsets them. second point, don't diss Hackers. It's a class movie.

Kev

I think most of you missed my point, i agree with you all and i'm not saying that breaking into a computer is justified because it increases security, i'm simply saying that it happens and precautions need to be taken, if there were no kidiots there would still be a need for security. what i am basically saying is the amount of security should be proportional to the value of what is being protected, as DeVore said about boards.ie it was patched and kept up to date with hotfixes, which is good, and if its defaced, well thats just unfortunate but if somebody can't even be bothered to do this and expect that they wont have any problems, i have no sympathy for them.

i do not condone in any way, people defacing sites and i dont think its justified by increasing security awareness. but i know that sites will continue to get defaced.

"next time your car gets stolen come and tell me about it....."

when i have a car and if i leave the doors open and the key in the ignition and its robbed, then you can kick me in the ass and laugh at me.

you dont leave your car in such a state do you ? believing it wont be robbed 'cause that wouldn't be nice or cause its the cops duty to make sure its safe ?

if your car has ever been robbed doors locked, alarm on. i wouldn't praise the thief in any way, they should be locked up.

if the doors were open and alarm off, the only difference would be that you would deserve some of the blame.

---

Mr. Chuffy

Kev

<font face="Verdana, Arial" size="2">Originally posted by Hobbes:
I don't get angry. I just laugh at them.

Script kiddie tends to mean a person who runs a script without realising what it does.

However I believe it can be extended to "people who don't realise the outcome of thier actions". Not knowing how a thrid party tool is no different then actually knowing and still defacing a site the same way.


Just having the power to do something doesn't make you special. It's how you use it.

btw, 2 points. We call them kidiots and script kiddies because it upsets them. second point, don't diss Hackers. It's a class movie.

</font>

i agree with everyting you say, but i'd say a script kiddie means a person who runs a script without realising how it works rather than what it does.

also nobody awnsered my other point, have any of these kidiots been caught ? if there only idiots surely there must be logs and stuff to find them.

---

Mr. Chuffy

Hobbes

No I said a script kiddie is someone who doesn't know what his actions can cause. This relates to not knowing what a program does to not knowing what thier actions of running that program will do.

Anyway why are you comparing a website to a car? Is boards.ie parked in the seedier part of the net?

How about we compare it to a house instead? So lets say you know how to open a certain lock due to a problem with the lock that people can fix if they brought it back to the maker.

Does that make it right for you to break into the house and spray paint "U SUX0RS! UR SeCuR1tY SUX!!! SHOUTZ 2 aLl the lam0rs I no!", then smash up some furniture while your at it?

As devore pointed out, the hack wasn't because thier site was not secure by fault of thier own. In fact his window analogy is better.

We know windows are flawed as a security system as a brick through them will get you in. Does that mean we should throw bricks through peoples windows to show them how insecure they are?

PhilipMarlowe

<font face="Verdana, Arial" size="2">Originally posted by Kev:
...to download known exploits and find a venerable website... </font>

Hmmm was that a compliment to boards.ie in l33t sp34k?

dahamsta

<font face="Verdana, Arial" size="2">Is boards.ie parked in the seedier part of the net?</font>

Well, yes. With the current state of telecommunications in Ireland, we're the white trash of the Internet, and .ie is the trailer park we call home...

Yeee-haaaw!

Kev

<font face="Verdana, Arial" size="2">Originally posted by Hobbes:

So lets say you know how to open a certain lock due to a problem with the lock that people can fix if they brought it back to the maker.

Does that make it right for you to break into the house and spray paint "U SUX0RS! UR SeCuR1tY SUX!!! SHOUTZ 2 aLl the lam0rs I no!", then smash up some furniture while your at it?</font>

no, as i have said before i am not saying hackers have a right to break in to anything just because they can

im saying you shouldnt not expect someone to

"break into the house and spray paint "U SUX0RS! UR SeCuR1tY SUX!!! SHOUTZ 2 aLl the lam0rs I no!", then smash up some furniture"

if you leave all your doors open.


if i asked you "do you leave your with windows and doors open ? "
you would probably say "no, dont be stupid, someone would rob my stuff"

---

Mr. Chuffy

Coyote

what is your point
the servers are not left open
they do not leave defalt passwords, if they did then they might be getting what is commeing to them.

you can never be right at the frount,
if i stop most of the ways of brakeing in to my house, what do i need to do to stop people brakeing in, have armed guards ? dogs ? like in a cell with out windows and have 15 locks on my door ?

you point is in a way true, you can not leave servers open.
but the boards.ie server was not left open.
but how much time do someone have to spend minding the server ????
pay someone to sit there watching the logs to see if someone is doing things there not ment to ?
it's a curve of "time spent to security returned". it's just a waste of peoples time.

Coyote

Lord Khan

phew that's long.

I don't get angry at script kiddies really.
more annoying to me than anything else wouldn't waste time getting angry at them.

basically, Script Kiddies to me are people as stated "who do something but don't know what they are doing" ... ok ... these is far fetched but just as an example. say you give somebody a weapon,but don't teach them the correct use of it, what do you expect to happen?

Script kiddies are in my view not out to increase their awareness or knowledge, but set out to do harm straight off, they may claim they seek to increase their knowledge, but generally it's always the knowledge of trying to hack/deface that site not about how to stop it.

they are the kind of people who type in "hacking" in to a search engine and come accross one of these sites which has "Custom hacking scripts", "just run this and you can be l33+ too".

I do think people get the idea of us being "elitest" in our attitude towards script kiddies. but in fairness we are not being elitest, there are people on these board who work pretty hard in the role of Computer security etc, they are hackers but that is their job, and they are getting bad reps from script kiddies, which is why the term was created. Like hackers and crackers, just to draw a line between the two.

I do like the comparison of them to petty criminals as basical in internet terms that is what they are.

it's kinda like somebody who thinks they're l33+ because they once owned a c64 when they were 6 years old.

But hope is not completly lost, I know about 2-3 cases where script kiddies were "adopted" by hmmm for want of a better word hacker groups, I prefere the term Free Lance Security Think Tanks and have since learn a respect and code of practice for hacking sites and systems.

WhiteWashMan

again.....
if you leave your car open, doesnt mean you want someone to rob it.
because your website is not completely unhackable does not mean that someone should hack it....
is there a point to this?

sam

isnt boards.ie running IIS 4.0?
there was an exploit for that called (suitably enough) "iishack" out in 1999,

whats more, theres even a similar exploit (made by the same people) out for IIS 5.0 already, so i really doubt whoever defaced boards.ie really needed to know what he was doing..

sam

i was going to edit my post to say "what he/she was doing" but ****it, everyone knows all girls on the internet are really some 45 year old gas worker from glastonbury called "Bruce", haha

Cake Fiend

<font face="Verdana, Arial" size="2">Originally posted by Hobbes:
second point, don't diss Hackers. It's a class movie.

</font>

Ya, one of the best comedies I've ever seen.

wintermute

<font face="Verdana, Arial" size="2">Originally posted by sam:
i was going to edit my post to say "what he/she was doing" but ****it, everyone knows all girls on the internet are really some 45 year old gas worker from glastonbury called "Bruce", haha</font>

While that's probably the type of comment that's designed to start flame wars, you are probably right in saying "what he was doing" since females generally don't have the same desire to boast about their antics as their male counterparts.

But at the end of the day, the world I inhabit has very much a "them and us" mentality. We try to prevent them from getting in and they keep on trying. I don't really care if they're male/female or what silly little reasons they develop to justify their activity. In the end, I'm paid to take any necessary measures to prevent a breach.

On a final note, before I start to rant! I really don't have any time for these social degenerates and their "information should be free / we only want to learn" rhetoric. At least one can share some level of professional respect with those amongst us who are paid to do it or someone who's after more than index.html But doing it show off - get a life.

sam

the girls thing was a joke, next time ill put a page of smileys after one of those so.

as for doing it to show off, maybe theyre just doing it to show you what they could have done if they had been irrsponsible?
i just take it as their way of warning you about what other people could do

Rev Hellfire

Lets face it Script Kiddies are morons, sad no life, no hopers.
Defacing a site is as cool as kicking the glass in on a bus shelter, and writing your usually totally crrap moniker on it, your in the same league.

spod

Haven't read entire thread, but just want to put my .02 euros in..

I get ****ed off with script kiddies for a few reasons.

- Information doesn't want to be free. If someone set a password or thought they'd installed a secure server out of the box, respect it. It's the digital equivalent of reading your sisters diary when your 14.

- Just because you can doesn't mean it's ok to do it.

- Because I'm a lazy admin who has to be a ******* to users because they don't realise there's a great big fsck off red target sign pasted on anything that's on the Internet.

- They abuse peoples misplaced trust in computers. The Internet may have been cool and funky in berkley in the 70s nowadays it's a horrible crassly overcommercialized anarchic mirror on our society. or soething..

mmgh time for more sandwiches and a few minutes of police academy..

spd

spod

<font face="Verdana, Arial" size="2">Originally posted by Hobbes:
[snip]

btw, 2 points. We call them kidiots and script kiddies because it upsets them. second point, don't diss Hackers. It's a class movie.
</font>

Hackers rocks. Gave me much needed recovery a few weeks ago.

So much so I wanted to call a new machine I was setting up Gibson but got voted down

It's idoru atm which is a nice Gibson reference...

DeVore

Spod you forgot

- Because Kidiots are laughably immature muppets who think that it makes them "cool".

- Because they are the kind of bucked teeth, coke-bottle glass wearing *nerds* that give the rest of us a bad name.

- Because they think its cool to talk in l33t h4x0r sp33k! (When that actually became very very very uncool about the second time it was ever used!).

- Because CSD is RIP because some kidiot couldnt just buy Penthouse and a pack of Klenex... oh no he has to be DEATHGIVER or SYSTEMX or F3ars0meP3n1s or some other GAY name. (they are generally homophobic too, so calling them GAY KIDIOTS really gets on their tits.)

Oh I could go on, but... well I have to go out and DRINK BEER lol.

DeVore.