People Blaming Everything on Hackers

  • (6 Pages)
  • +
  • « First
  • 3
  • 4
  • 5
  • 6

76 Replies - 4285 Views - Last Post: 26 June 2013 - 11:05 AM

#61 modi123_1  Icon User is offline

  • Suitor #2
  • member icon



Reputation: 14036
  • View blog
  • Posts: 56,156
  • Joined: 12-June 08

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 01:10 PM

Quote

but they aren't prancing about with their head full of eyeballs about it.

I always hated fighting beholders.

Posted Image

Typical hold out grudge monster from the DM.. "oh, wait? What? They have an eyestalk that sews my bag of holding inside my bum?! Oh come on! That's not even legit rules!".
Was This Post Helpful? 1
  • +
  • -

#62 Lemur  Icon User is offline

  • Pragmatism over Dogma
  • member icon


Reputation: 1439
  • View blog
  • Posts: 3,609
  • Joined: 28-November 09

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:01 PM

View PostCurtis Rutland, on 25 June 2013 - 12:55 PM, said:

View PostLemur, on 24 June 2013 - 01:20 AM, said:

Now when I used to say I hacked Facebooks, it was with consent using SET and Side Jacking. Now that's actual hacking. Side Jacking no longer works in 99% of cases, and good luck finding out what SET is without knowing before hand.


Assuming we're talking about the same thing, SET is a very interesting beast. I was at a mini-conference where one of the guys that helped develop SET made a presentation, and the output was very, very believable. I think that under the right circumstances, I'd fall for it. And if a tech person like me would, the average user would be completely screwed.


Exactly that little nasty program. The only reason I caught it is because adblock wasn't flipping out and noscript wasn't blocking half the things it normally was. Basically the fact that I'm already paranoid is the reason I could tell, otherwise I would have definitely been nailed.

CISSP? Kudos, that thing looks like a beast to pass. Now if we're looking for a real security guy, someone that can wave that flag around is worthy of at least a few high fives. Any insight on the test or your experience up to that point?

----

Now then, on to the other guy. It's funny whenever you're being satirical about things such as hyper elitism, not so much when you actually 100% believe every single line there. Heck, I do the satire song and dance bit with lisp every shot I get for my own amusement (though it's still awesome.)

Anyone can wave a flag for something they don't understand. What it is is a replacement for actual knowledge by posturing. Hyper elitism is a surefire sign of someone who doesn't know anything about what they're on about. Be humble, if it's so great it will speak for itself.

As far as our security knowledge, yes I know about the Manifesto and all the other literature out and around. I also know enough about security to do a heck of a lot of damage if I were to really want to, which is why I don't go posting links to all of the tools and everything I tend to make or use. Most people can't be trusted with that type of stuff, because they all have some form of god complex. Just look at Anonymous.

If you want to hack, then hack.
Was This Post Helpful? 0
  • +
  • -

#63 Curtis Rutland  Icon User is offline

  • (╯□)╯︵ (~ .o.)~
  • member icon


Reputation: 5103
  • View blog
  • Posts: 9,283
  • Joined: 08-June 10

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:21 PM

Quote

CISSP? Kudos, that thing looks like a beast to pass. Now if we're looking for a real security guy, someone that can wave that flag around is worthy of at least a few high fives. Any insight on the test or your experience up to that point?


Yeah, it was definitely an interesting cert to get. I'm pretty proud of myself for that. But what I did learn is that it's way more of a manager's cert than a technical one. The total amount of info covered is absolutely staggering, but it's all just skin-deep. It's like a lake that covers miles but never gets deeper than a few inches of water. We covered everything from the bits on the wire to the fences outside the building.

I went to a SANS conference and took the MGT414 class. It was pretty great. Then I did practice quizzes on CCCure for about a month. Didn't really read any books, though everyone suggested I read the Harris book. If I was going to read one, it would be Conrad's book, because Harris's is really bloated. But it turns out I didn't need it.

I signed an NDA before I took the test, so I can't discuss test content. What I can tell you is that it took me about 2 hours (you're given 6, and I know several people that used every minute allotted), and I didn't review anything. I figured that if my first instinct wasn't right, second-guessing isn't likely to make it better (but everyone should how they test best). CCCures quizzes are a bit out of date; they focused really heavily on TCSEC. But it's still probably the best resource I found for it.

Beyond that, maintaining it is interesting. You need at least 20 credits a year (one credit = one hour of "continuing professional education"), but you have to have 120 hours every three years, so you really need to average 40/yr. I got eight for going to an all-day conference. (ISC)2 offers plenty of free hours, so that's never a problem; it's just doing the time to get them that's the pain.

But the CPE requirements are why the cert is so well-respected; it's hard to get, and requires effort to keep.

Anyway, I recommend more developers attempt this cert. I was the only one in my training class of over 50 that was a developer (most were admins/BAs/PMs/managers). Devs don't usually focus enough on security.

Quote

I also know enough about security to do a heck of a lot of damage if I were to really want to, which is why I don't go posting links to all of the tools and everything I tend to make or use


Yeah, I edited the worst out when I saw them. No need to link to them on a general programming forum.
Was This Post Helpful? 1
  • +
  • -

#64 Lemur  Icon User is offline

  • Pragmatism over Dogma
  • member icon


Reputation: 1439
  • View blog
  • Posts: 3,609
  • Joined: 28-November 09

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:26 PM

Well, DevOps Engineer so I go both ways on that. I'd considered getting it, and considering I read a staggering amount already and dream of being able to go to conferences all the time that'd be a good excuse.

CEH worth much of anything at all?
Was This Post Helpful? 0
  • +
  • -

#65 supersloth  Icon User is offline

  • serial frotteur - RUDEST MEMBER ON D.I.C.
  • member icon


Reputation: 4665
  • View blog
  • Posts: 28,487
  • Joined: 21-March 01

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:26 PM

and if you wanna smoke, smoke.

and if you wanna drink, drink.

and if you wanna fuck, fuck.

LIVE YO LIFE.
Was This Post Helpful? 0
  • +
  • -

#66 Curtis Rutland  Icon User is offline

  • (╯□)╯︵ (~ .o.)~
  • member icon


Reputation: 5103
  • View blog
  • Posts: 9,283
  • Joined: 08-June 10

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:28 PM

Quote

CEH worth much of anything at all?


Wouldn't really know. I'm not much of a hacker or a pen tester; I focus more on development. I'd guess that it's important for penetration testers, but beyond that I don't know.

Edit: one cool thing I forgot to mention about CISSP: the results are instant now. As of last year, they finally started doing the test electronically, so you can see whether you passed or failed as soon as you're done. You used to have to wait about a month for it to be graded and returned to you.
Was This Post Helpful? 0
  • +
  • -

#67 supersloth  Icon User is offline

  • serial frotteur - RUDEST MEMBER ON D.I.C.
  • member icon


Reputation: 4665
  • View blog
  • Posts: 28,487
  • Joined: 21-March 01

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:32 PM

that's how my security+ cert was. those things are such a racket.

also i got one of the last lifetime ones. about 4 days after i got mine they stopped giving those out and only gave away 3 year certs. i have mine FOR LIFE. i should just change my last name to 'secure'

supersecuresloth.
Was This Post Helpful? 2
  • +
  • -

#68 jon.kiparsky  Icon User is offline

  • Beginner
  • member icon


Reputation: 11040
  • View blog
  • Posts: 18,852
  • Joined: 19-March 11

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:34 PM

View PostCurtis Rutland, on 25 June 2013 - 05:28 PM, said:

You used to have to wait about a month for it to be graded and returned to you.


They probably got sick of having people cracking into their machines trying to figure out if they passed or not.
Was This Post Helpful? 0
  • +
  • -

#69 modi123_1  Icon User is offline

  • Suitor #2
  • member icon



Reputation: 14036
  • View blog
  • Posts: 56,156
  • Joined: 12-June 08

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 03:36 PM

CEH does carry weight if you want to go pen testing route. If you can afford the class I would take it over just trying to study for the exam. Brutal technical and esoteric.
Was This Post Helpful? 0
  • +
  • -

#70 Lemur  Icon User is offline

  • Pragmatism over Dogma
  • member icon


Reputation: 1439
  • View blog
  • Posts: 3,609
  • Joined: 28-November 09

Re: People Blaming Everything on Hackers

Posted 25 June 2013 - 07:06 PM

Security will probably be on my to-do list for jobs. Looks like I just got an offer for a Rails Web Dev position, so I'll have gone DevOps to Web Dev. What next, well we'll see. With any luck I can be a wise bearded LISP hacker by the end of it.

It's almost like someone who wants to make Games with no programming knowledge. We all know how that's going to end a vast majority of the time, they're impatient and they want to do the cool stuff right off. Almost the same deal with hacking and security. Unless you have a pretty keen skillset in DevOps type areas it's extremely difficult to get into because you just don't have the background knowledge.

I have far more appreciation for security now after I've had to put up with pesky bots from China trying to bruteforce everything (*Pro-tip don't leave SSH on the default ports and use key based auth, it will save you innumerable headaches later on.)

It's almost tempting to put forth an idea for a security section for more mature members to have at it a bit, but then again it factors down to programming specifics and the rest of the bunch as well. It goes both ways.
Was This Post Helpful? 0
  • +
  • -

#71 Bort  Icon User is offline

  • Ill-informed Mongoloid
  • member icon

Reputation: 450
  • View blog
  • Posts: 3,114
  • Joined: 18-September 06

Re: People Blaming Everything on Hackers

Posted 26 June 2013 - 01:19 AM

View Postoptix212, on 25 June 2013 - 06:54 PM, said:

I'm not a hacker, idiots.

I know about them... Wait, let me pull a quote that I know you ill-informed mongoloids would love to read

Quote

My crime is that of outsmarting you, something that you will never forgive me for.


Now please, flame away while I continue to sit back in my comfy computer chair and laugh at you all for getting mad at me simply.... Because none of you know a damn thing about my post...

You're mad because I understand something that you can't... Awwe, how cute. ^_^/>/>

Also.. I hope your not intending to actually be making fun of alphanumeric names while yours is undeniably alphanumeric Mr. H4nnib4l... Lol


I had to upvote this. Not because I agree with what he says. Actually, I think he comes across as a bit of an ass. However, he did try to insult us with 'ill-informed mongoloids', and that in itself is worthy of the upvote.
Was This Post Helpful? 1
  • +
  • -

#72 Flukeshot  Icon User is offline

  • A little too OCD
  • member icon

Reputation: 417
  • View blog
  • Posts: 1,030
  • Joined: 14-November 12

Re: People Blaming Everything on Hackers

Posted 26 June 2013 - 02:10 AM

I find it adorable when people try to talk smart on teh intarwebz and then make simple grammar mistakes.

inb4 OCD GrammarNazi - I already know.
Was This Post Helpful? 0
  • +
  • -

#73 BenignDesign  Icon User is offline

  • holy shitin shishkebobs
  • member icon




Reputation: 7502
  • View blog
  • Posts: 12,091
  • Joined: 28-September 07

Re: People Blaming Everything on Hackers

Posted 26 June 2013 - 05:59 AM

dafuq you on about fluke?
Was This Post Helpful? 0
  • +
  • -

#74 Bort  Icon User is offline

  • Ill-informed Mongoloid
  • member icon

Reputation: 450
  • View blog
  • Posts: 3,114
  • Joined: 18-September 06

Re: People Blaming Everything on Hackers

Posted 26 June 2013 - 06:06 AM

The post I quoted I think. Or at least the poster behind that quote. You know... the 'ill-informed mongoloid' guy.
Was This Post Helpful? 0
  • +
  • -

#75 BenignDesign  Icon User is offline

  • holy shitin shishkebobs
  • member icon




Reputation: 7502
  • View blog
  • Posts: 12,091
  • Joined: 28-September 07

Re: People Blaming Everything on Hackers

Posted 26 June 2013 - 06:44 AM

Ah, yes, the 300-poster who thinks he owns the place. I've personally chosen to rise above trolling and openly mock him in less direct ways.
Was This Post Helpful? 0
  • +
  • -

  • (6 Pages)
  • +
  • « First
  • 3
  • 4
  • 5
  • 6