The Hackers Guide to the Credit Cards

A lot of hacking movies are really corny and have little or no truth behind them recently though I saw one that actual does to a very good job of showing why hackers hack, how they hack, and how vulnerable we all are.  That movie was “Live Free or Die Hard”.  If you have not seen it go watch it and then come back and read this.

 

REMEMBER THERE ARE THREE TYPES OF HACKERS “WHITE HATS”, “GREY HATS”, AND “BLACK HATS”. 

In the simplest sense the what hat a hacker wears determines if they are a “Good hacker”, or a “Bad hacker”.  Software companies that fail to hire “White hats” put there customers at an unnecessary risk as there software has never been placed under a security acid test. 

 

Types of Hacks:

  •  Social hacking
  • A large number of the hacks out there exploit protocols, procedures, and the human mind.  In “Live Free or Die Hard” we see the On-star service exploited by “hacking” the operators emotions. A couple of years back a Black hat got a hold of all of Paris Hilton’s contact list by hacking the protocol and procedures of her cell phone provider.
  • Many virus’s spread in this way. They tell the user they are going to do something good for them and users trust them, and next thing they know their computer is sending all of their personal information to an ID thief.
  • A type of social hack is the IT guy who asks for you password because he needs to do work on your computer. NEVER EVER GIVE YOUR PASSWORD THE THAT IT PERSON!!! Any IT department worth their weight in scrap metal does not need your password to do work on your computer. If the IT person insists on getting your password change your password to something like “password123” and give them that.  Then the moment they are done with their work change it back. NEVER GIVE OUT ANY PASSWORD OVER THE PHONE TO IT.
  • Kitty script hacks
  • Kitty script hacks are pre-packaged hacks that even the stupidest of hackers can uses.  Most of them are based on the work of a real hacker.  Kitty scripts can be very effective, but general offer little threat
  • The most common use of Kitty scripts in D.O.S. attacks where the goal is to cripple a network or part of a network by exploiting either shortcoming in the design of the network, or network protocols.
  • The True Hack
  • This is the rarest type of hack it revolves around analyzing a system and designing a hack to exploit it.

Did you know? Most effective hacks are preformed by someone within the targeted corporation!

 

Shortcomings of modern operating systems

  • Every operating system is flawed
  • Key listeners are extremely easy to make and use.  OS’s need to add a secure key listening API for password fields.
  • Most OS’s store information on the drive in an unencrypted state. This means if I want your files I don’t need a password to steal them, I just need to “borrow your hard drive” or boot to a cd
  • Delete does not mean delete. By default current OS’s do not securely delete data instead they just remove the reference to it.  IF YOU REMOVE THE REFERENCE TO A BOOK FROM A LIBRARY DATABASE THE BOOK IS NOT GONE!!!

Inclosing

Security can only be as good as the weakest link, in some cases that is the system, in most cases that is the user. 

Previous Post