CNN Says Chat Rooms Are a Haven for Hackers 543
MiTEG writes "CNN is carrying an article about IRC and how it aids "hackers" with their mischief. There are some alarming quotes from Bruce Schneier, CTO of Counterpane Technologies, such as "people who are anti-big-corporation are going to be more likely to use something like IRC"." Yeah, if they ever hung out in our chatroom, they'd
lock us all up for abusing Kurt the Pope.
Also used by 'hackers' (Score:5, Funny)
Re:Also used by 'hackers' (Score:5, Insightful)
This reminds me of two famous (and nearly identical) quotes:
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
-- Benjamin Franklin (1706-1790), Letter to Josiah Quincy, Sept. 11, 1773.
Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one.
-- President Thomas Jefferson.
1743-1826
Re:Also used by 'hackers' (Score:5, Insightful)
BTW, another quote:
There is no freedom without security.
-- Wilhelm von Humboldt
Total freedom means survival of the strongest and least scrupulous and those valuable to them, i.e. mainly the freedom to be robbed, raped, murdered and suppressed. The ideal is to find a balance between freedom and security.
Re:Also used by 'hackers' (Score:4, Insightful)
-- Wilhelm von Humboldt
To which I'll add: "There is on peace without justice."
--Peter Tosh, Reggae Singer
Total freedom means survival of the strongest and least scrupulous and those valuable to them,
Actually, that is a logical fallacy, since total freedom also means freedom to live - "total" freedom, as in "optimal" freedom would mean that everybody shared the same freedom without infringing upon other people's freedom. The balance is delicate, I'll give you that - but it isn't between freedom and security. Rather it is between everyone's freedom. Of course we also need to discuss what types of freedom: obviously, no sane society will condone freedom to perpetrate crimes against other people (because then it would negate those people's own freedom). We can stick to the basic freedom that every human should have, amongst which are the classics (freedom to live, freedom of speech, freedom of movement), and everybody will be just fine. However, with that freedom comes some risk that people will use it to do bad things. That is just something we have to accept: limiting everyone's freedom because of inherent risks is not an acceptable solution.
All right, that's enough typing of the word "freedom" for a single day!
Re:Also used by 'hackers' (Score:3, Informative)
Re:Also used by 'hackers' (Score:3, Insightful)
To read *any* message on a typical IRC network you need access to this many servers:
One.
The way IRC is constructed each message goes to every server, so it's a no-brainer.
Re:Also used by 'hackers' (Score:2, Informative)
If there are multiple users on a server in the same
channel, the message text is sent only once to that server and then
sent to each client on the channel. This action is then repeated for
each client-server combination until the original message has fanned
out and reached each member of the channel.
Same with PRIVMSG's, they only travel through the servers on the route from the orgin to the destination. It would be truely bandwidth waste to send all messages to all servers.
Re:Also used by 'hackers' (Score:3, Interesting)
The sadder thing is, this war is purportedly being fought for our freedoms, and the government seems to think the best way to secure our (hard-won) civil liberties is to start by taking them away.
Although they have been pretty clever about it: a war against an invisible, intangible, unmeasurable "enemy" (terrorism) is an invisible, intagible, unmeasurable war -- in other words, there is never a time when they have to/can declare victory and drop the pretext of fighting terrorism, and thus there is never a time when they have to give up the gradual rescinding of our liberties "in order to guarantee our security." How is this fighting for freedom?
Of course, while it's clever, it's hardly original. Pretty reminiscent of the never-ending wars fought in 1984; Big Brother's rhetoric's not even far off from Bush's, and the declared purposes of the wars are likewise pretty similar.
Oh well.
Re:Also used by 'hackers' (Score:3, Insightful)
That's absolutely true. We've had some kind of "war" going on for a long time. I first remember it with the bombing of Libya in the 80's, but I'm sure it goes back farther. It's typically not an officially declared war, but rather some kind of foreign conflict with a purpose that is unclear. The "War on Terror" appears to be designed to last for a good long while yet. That ought to keep the minds of the masses from being occupied with Real Issues for the next decade.
Re:Also used by 'hackers' (Score:5, Insightful)
This reminds me of two famous (and nearly identical) quotes:
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin (1706-1790), Letter to Josiah Quincy, Sept. 11, 1773.
Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one. -- President Thomas Jefferson. 1743-1826
Well, it seems that Attorney General John Ashcroft doesn't agree with two of America's great founding fathers. He was quoted as saying, "To those who scare peace-loving people with phantoms of lost liberty, my message is this: your tactics only aid terrorists."
I'm sorry John, but here, you are the terrorist. Don't persuade me or anyone else to give up my freedoms to make your job easier under the guise of making the world a safer place. To calmly allow you to take my rights is the first step onto a slippery slope that I don't even want to know the results of. I won't quit using IRC, I won't give up my private keys, and I will continue to protect my right to say and hear what I'm constitutionally allowed to. If you want to take my rights, try to change the first amendment. Until then, in the spirit of Monty Python's The Life of Brian(I know they're not American, but it's the best quote I could think of), "piss off!"
Re:Also used by 'hackers' (Score:5, Informative)
Since the late 90's, the US Govt (Specifically the NSA, CIA, and NRO) along with other govts have showed increased interest in IRC. The original problem with monitoring IRC was the ability to correlate the packets (through Eschelon, JID, misc. sniffers) to the handles, DCC sessions, and misc. queries. Once scripts were established to correlate time stamps, and do active session recreation/replay the data was a bit more reliable, however there were large gaps in the data where netsplits occurred, or handles changed, dynamic IP's, etc. Since running analysts through abstract sessions of data was counterproductive, the data was dropped. So in public channels, bots and live agents (*cough*analysts*cough*) were placed to idle and log, however groups started catching on to the idlers and kicking, in addition, since all of the operations were done w/o the knowledge of IRCops, K-Lines started being put up and times got a bit harder.
So starting in late 2000, when reliable/substantiated information started comming across about possible Electronic Warfare, under cover company names, IRC servers started getting funding and/or being provided by agencies with an active tcpdump w/ ssl netcat (or scheduled ssh dumps depending) running on them (yes, that simple) which was then reprocessed and sessions recreated through a series of parsing scripts and dumped into databases that track handles, IPs, session data, keyword recognition (including handles, group names, and a series of acronyms/extensions), along with the ability to grab code snippets.
OPN, DAL, IRCNet and EFNet all participate in monitoring, EF and IRCNet remain the least cooperative, DAL and OPN actively participate and support the process. LiloFree, SuidNet, Conclave, and others are extremely difficult to track, however have their faults.
I won't get into IM protocols since we all know the inherant problems. AOL has not been entirely supportive of US Govt efforts to setup monitoring devices, however the Time Warner side of AOL/Time Warner has been a bit more agreeable. ICQ/Mirabilis gave in a -long- time ago, LICQ over SSL is great though.
The quotes below are great, however in times like these, the famous line "Do not disclose, sources or methods" from our spook friends applies quite well. Reply to:
Re:Also used by 'hackers' (Score:3, Insightful)
"A man that would sacrifice his freedom for security deserves neither. The God who gave us life gave us liberty at the same time."
-Montesquieu, The Rights of British America
Re:Also used by 'hackers' (Score:2)
This is news? (Score:2, Funny)
NEWSFLASH: The sky is blue.
Re:This is news? (Score:4, Funny)
Other places hackers hang out:
- malls
- coffee shops
- schools
CNN might want to investigate these places as well. Inside sources from CNN also tell me that these things called "newsgroups" exist. Appearantly, these "newsgroups" allow people to exchange "news", which according to CNN sources is a "code word" for "illegal activities", and is a new sweeping trend in the scary hacker underworld.Also, staring at the sun can cause blindness.
Re:This is news? (Score:5, Funny)
Re:This is news? (Score:4, Insightful)
He can't understand blue, or what possible uses that color has on a day to day basis.
Likewise, the people out there coming up with these "notices" are technology blind.
So if we couldn't trust a colorblind person to paint your house, how can we trust technology-blind legislators and other political reps to make the right decisions or statements on our behalf...?
Time to get out the voting stick.
CNN is quality media (Score:5, Insightful)
Re:CNN is quality media (Score:3, Informative)
Re:CNN is quality media (Score:2, Insightful)
Actually, Fox News is rather unbiased (at least, when compared to MSNBC, CNN, ABC, CBS, NBC, etc.).
Fox News is not unbiased, they are simply biased to the right instead of to the left.
Re:CNN is quality media (Score:2, Insightful)
Re:CNN is quality media (Score:2)
Living in the UK, I've never seen it, and so can't comment directly. However, I used to work for News Corporation (who own Fox), and I can assure you that not a single word of their combined media output is unbiased...
Re:CNN is quality media (Score:2)
Re:CNN is quality media (Score:3, Funny)
Of course, they'd be surprised by a CRT. Let alone TCP.
Telephone System A Heaven for Criminals (Score:3, Redundant)
Re:Telephone System A Heaven for Criminals (Score:3, Funny)
Brought to you by citizens for a mute and honest society.
Re:Telephone System A Heaven for Criminals (Score:3, Funny)
Criminals wanting to conspire to commit criminal action are known to sit in corporate boardrooms in closed, secret conferences.
Re:Telephone System A Heaven for Criminals (Score:2)
hmm, seems to work that way too.
~Sean
Re:Telephone System A Heaven for Criminals (Score:2)
Here's an analogy that you may, possibly, be able to understand.
Phone system::IRC talk::Napster.
Phones only help you when you know who exactly to call. IRC provides more of a forum, which will help when you don't precisely know who to contact -- and when you'd prefer that those who you contact won't know exactly who YOU are.
So, frankly, your post is a bunch of hogwash in its "slippery slope" implications.
Re:Telephone System A Heaven for Criminals (Score:2)
Now, unless you can show that IRC is NOT providing a forum for such activities, your post is, for all practical purposes, useless.
Re:Telephone System A Heaven for Criminals (Score:2)
Yet another poster who needs to be beaten with the cluestick...badly. You can't prove a negative.
Newsflash (Score:2)
Astonishing.
Wow, what bullshit . . . (Score:3, Informative)
Ah, what fun we had with bots . . . We had a bot to talk to our phone list database, a bot to page people, etc . . . Grand fun.
Shocking! (Score:5, Funny)
those quotes.... (Score:2)
i read the article yesterday (tried submiting it too, rejected) and the article was anti-IRC right from the start. Kinda like Phil Zimmerman's "guilt" over PGP [slashdot.org] dabacle with the Washington Post last September following the terror attacks.
basic thing to remember: the media is always biased, no matter how much they say they arent.
Re:those quotes.... (Score:2)
"It's older, it's not tied to Microsoft or AOL or a big company, it's one of the Internet protocols
He's saying that someone who is anti-big-corporation is more likely to use IRC which isn't controlled by a big company than AIM, Yahoo Messanger, or MSN. Not that anti-big-corporation people are more likely to use irc than pro-big-corporation people.
Retarded (Score:2, Insightful)
People who own a gun are more likely to shoot someone. Therefore we should ban all stores that sell guns, such as K-Mart.
People who smoke are more likely to die of lung cancer. Therefore we should close down all 7-11s because that's where people sometimes buy cigarettes.
While it may be true that "Many people who are hax0rs use IRC", that in no way indicates that the converse is true. I realize I dont' have to tell you all that, but who else is there. I am sick of so-called "experts" spouting ridiculous notions.
Spend some time on irc.enterthegame.com. It's a server for people who play online games. Shocker, not too much hack talk going on here; just typical clan nonsense, all in good fun.
blah (Score:2, Interesting)
say it after me...... (Score:2, Insightful)
Selective Reading (Score:5, Insightful)
Chatrooms, in the news over the past years, have also been a haven for:
People sharing interest in pretty much everything you can find in alt.* and rec.*
Pedophiles
People meeting each other legitimately and socially
Terrorist plots
The future of Slashdot
It's just another red herring for the media, the biggest news for the New Yahk media is a big drought in Delaware, so guess what they dig up to shock Mr. and Mrs. Average American. Big wh00p.
Re:Selective Reading (Score:2)
News media hosting chats to appear high-tech
Web chat is a solution (Score:3, Interesting)
One of the solutions for this problem is webchats. Webchat can be done using http and a web browser, all the functionality becomes controled by web frames inside the browser. No information can be retrieved besides the ones avaiable.
Of course that there are plenty of disadvantages, the speed is one of them, but I think that is acceptable so we can increase security.
Other option is modify IRC protocol to avoid these security flaws, this would avoid speed problems, and maybe is the more intelligent thing to do. But, will new IRC clients/servers implement the new protocol.
IMHO the new protocol, whatever it would be, http or new irc, should not be compatible with the old one, so we enforce the change, and avoid further problems.
What are the other options?
Re:Web chat is a solution (Score:3, Interesting)
Incidentally, did every get a good laugh from today's announcement of no less than EIGHT new IIS holes? Lo,they are mostly present in the current version; and lo!(too), they were mostly(all?) discovered by OUTSIDE researchers, not Microsoft programmers on their month of 'intensive security auditing' their existing codebase (*giggle*)
Re:Web chat is a solution (Score:3, Insightful)
Kintanon
Nice headline. (Score:5, Insightful)
Ok, do this over IRC, and you're a criminal - do it with a website, spyware, or spam, and you're a business.
hmmmm..... maybe I need to check out #amazon and #brilliant.
Re:Nice headline. (Score:4, Funny)
Of course, given that the current definition of criminal is "one who does not make campaign contributions."
Wow, investigative reporting (Score:5, Informative)
Gee, I guess it would have been way too much trouble for CNN's hotshot reporters to log on and find out for themselves before running this half-baked article.
Re:Wow, investigative reporting (Score:2, Funny)
To get CNN hacked?
You really think they are that dumb?
And while we're on the subject... (Score:5, Funny)
You should ALSO assume that your wife is cheating on you. And you're about to be fired. And someone is monitoring you. Constantly. We even know what brand of socks you're wearing.
Guilt by Association. (Score:2)
But it's just another Internet tool like email, USENET or WWW. It can be used for good or ill just like anthing else. I don't think it's any more secure from monitoring than any other protocol. Anon [mixmaster] email actually seems the least traceable.
I think this is just a slander-by-association: someone doesn't find IRC participants "nice" [=like them] so choses to consider all IRC participants gulity by association. Might as well consider all email users evil, same logical fallacy.
They also... (Score:2)
Hehe, that's funny ;) (Score:5, Interesting)
I've been IRC'ing since 1992. That's 10 years, and I'm still not a veteran.
Some of the World's (Internet's) greatest heros and founders hang out on EFNet/IRC or some like service...
Remember BBS?
It's so typical for people to lash out on things they do not understand. More or less, its all too typical that they never emphasize the best parts about it. I mean comon.. Let's think about it.
IRC is a place to share knowledge, not just CC #'s (who are they kidding.. I have never been asked to trade a CC # or anything of the like.) Many of the World's 'hackers' (or techies that work for YOUR company) can acredit their knowledge (or at least the start) to IRC. I know I can.
I knew nothing (well, not nothing, a tincy bitty bit) about the Internet, its structure, protocols, computers, other operating systems, etc. before I came to IRC.
It all started with the 'need' to have an eggdrop bot in my channel.. How the hell was I to do this?
*shrug* I didn't know what I was doing.. but I got my hands on a free WOPR.net shell, (if anyone knows who I'm talking about.. send a shout out.. I'm curious) and was forced to learn a bit of unix commands (heh) to opperate the bot...
By and by I had shell after shell.. learning more about *nix as the opportunity came along. I eventually had the oppertunity to have root on a friends system (from IRC) and learned more and more about the system and how it worked.
Fast forward a bunch of years
The news concentrates on the bad things always.. I've become a better person because of IRC, completely. Not only have I learned a tone of IT stuff.. I've also learned how to be a
Much of the Internet success stories are because of IRC, and I feel this article fails to discuss this... That is a bad thing, and this is why us 'hackers' seem to get a bad rep.
Oh yeah.. IRC didn't teach me how to spell, really
Is Bruce Schneier on crack? (Score:4, Insightful)
"A lot more credit card numbers are stolen than ever used, but you should assume that right now, in your wallet, there's a credit card number that has been stolen off the Net."
To me this says, that I should assume, in my wallet is a stolen credit card. Well, there isn't, and I don't need to check. I have one credit card, and since I get a statement every month with my name on it, I obviously didn't steal it.
Now if he's just a confusing person and is actually saying that I should assume that one of my credit card numbers has been stolen. Well, as long as everyone out there practices some basic security, they shouldn't worry about that either. The first thing is to make sure you have fraud protection on your credit card (most have a $50 limit now). Second, look at your statement! If you just pay your bill without examining the charges, well, send me your credit card number!
Re:Is Bruce Schneier on crack? (Score:2)
Let me get this straight: (Score:3, Insightful)
Corporations getting personal information and selling it to other corporations is good.
People with tightly held secrets are suspect.
Corporations with tightly held secrets are to be trusted.
A person trying to extort people is a thug and scam artist.
A corporation trying to extort people is just protecting the artists.
OK. I got it. Now can I incorporate myself? I think I'd be much better off as a corporation than as a citizen.
Duh (Score:3, Insightful)
There's the only useful statement in the whole fscking article. What a loaf of fertilizer. Must have been a boring newsday for the CNN "tech" crew...
Re:Duh (Score:2)
Not really so alarming... (Score:4, Insightful)
There are some alarming quotes from Bruce Schneier, CTO of Counterpane Technologies, such as "people who are anti-big-corporation are going to be more likely to use something like IRC".
It actually seems to me that Schneier did a pretty good job of preventing some editor from slapping an alarmist breaker along the lines of "IRC is a tool designed for smelly hackers" into the piece; take a look at the full quote:
"It's older, it's not tied to Microsoft or AOL or a big company, it's one of the Internet protocols ... so if you're running Windows or Linux or Macintosh or another flavor of Unix, you can use it," says Schneier. "So it's not that it's more suitable for hackers to use, it's just a more basic service and people who are anti-big-corporation are going to be more likely to use something like IRC." [Emphasis added.]
He goes out of his way to point out that there's nothing that makes IRC particularly "suited" to nefarious purposes, but rather that its non-corporate nature is likely to appeal to anti-corporate people. (That, of course, is an assertion that can be argued forever, but it doesn't strike me as too alarming.)
Re:Not really so alarming... (Score:5, Interesting)
AOL/TW/CNN obviously has risked much to become a major player in the content game. Their discomfort with a world in which anyone is a content producer leaks out here. You'd hope they would find ways to profit from this prospect of freedom, rather than trying to squelch it, but it's not surprising that some folks in that outfit don't get it.
As for me, I'm not anti-big-corporation where big corporations matter. I like airlines and bridge builders and silicon foundries, but I'm not about to set one up in my basement. I don't like Starbucks, because their main value-added is de-localizing what ought to be a lot of small businesses.
If information megacorps want to help me, they'll help me make the most of all the content out there, and they'll help me stay secure even though there's no sensible way to keep bad people out of chat rooms. I don't want to live in a world where people steal my credit card, but even more I don't want to live in a world where significant powers feel free to characterize online chat as subversive.
Re:Not really so alarming... (Score:2)
Absolutely agreed (though I'm afraid that we already live in a world where significant powers feel free to characterize online chat as subversive).
My concern was regarding the characterization of Schneier's quotes as "alarming." His quotes were far more reasonable than those made by Chad Harrington (the IRC is eBay for hackers statement); it seems to me that the story would have been far more skewed and alarmist without the input from Schneier, and I'm honestly glad that his input made it into the piece.
CNN *runs* an IRC server! (Score:5, Interesting)
Then, with Talkback Live, they make excellent use of AIM and IRC. Very forward thinking.
Re:CNN *runs* an IRC server! (Score:3, Interesting)
Let's play the Slashdot Overreaction Game. (Score:3, Insightful)
- Call CNN a bunch of morons.
- Suggest that we should therefore ban
- Say "Duh".
...without showing ANY evidence of reading the article, or making any factual statements whatsoever?
Really, now.
Now, for those with actual central nervous systems and who actually care about facts rather than knee-jerk responses:
IRC is a multiperson always-on real-time worldwide system, and is therefore more conducive to exchanges and marketing than phones, pagers and their ilk. There's no comparison, really, except for morons, because while a phone system at most might be a small-scale party line, messages on IRC can reach nigh-arbitrary amounts of people whom you DON'T need to have previous knowledge of. Even if you do NOT have any intended buyers in mind, calling random people and offering credit card numbers is stupid. Sending a CC list offer to an appropriate IRC channel is less stupid, in that you can reach more people at once, and they're voluntarily reading so they're more likely to be interested. Plus, there's no Caller ID, and if you're bright you may be using a compromised machine so that your own IP isn't shown. If the distribution of logs crosses national borders, it may be quite a hassle for anybody to ever find your identity -- assuming that you can maintain anonymity during an exchange, of course, by not screwing up by, say, using one of your own personal bank accounts.
And, most people who read CNN have little experience with IRC. Therefore, it's fair to give them a "heads up", especially, say, if they've got a teen who's spending a lot of time online and ordering more stuff than you think he could afford, or similar situations... this merely provides a bit of awareness to the technologically naive.
since the dawning of time (Score:2)
Other forms of communication (Score:3, Funny)
Some other media that the CNN article forgot to mention:
Bayes Theorem (Score:5, Insightful)
<Offtopic>I can't stand the current Cannibis debate in the UK where people state something like that 95% of heroin addicts used Cannibis first as a gateway drug. Therefore Cannabis should be illegal. While I agree Cannabis should be illegal, that argument is a statistically false one because you cannot say that 99% of cannabis users go on to take heroin. That would be significant</offtopic>
Here, just because I imagine 99% of script kiddies use IRC, does not mean we should be anti IRC. You cannot map it to the proper argument where I imagine only <1% of all IRC users have anything to do with hacking and scripting. If you, for example, kill IRC, you upset 99% of the populatoin and script kiddies go elsewhere
Exploitation of people's misunderstanding of Bayes makes the easiest and most effective weapon in the world of FUD
Re:Bayes Theorem (Score:2)
Congratulations for discovering PROPAGANDA (Score:3, Interesting)
Welcome to the world of PROPAGANDA. Psychologists know that people will subconsciously accept brazen lies if they are sufficiently tired, confused, or distracted before taking in the false causal statement. This is called "suggestability". They will subconsciously seek a (false if necessary) internal logic or even a leap-of-faith to understand the author. If they are too tired to question this understanding, they will keep it and use it as if it were fact, gleefully making false judgements baed upon the supposed "fact."
AKA: sales pitch.
Re:Bayes Theorem (Score:3, Informative)
Funny, cause the UK doesn't. It was downgraded from Class B to Class C last year, with a pilot program in one London borough with the only thing the police can do is confiscate it - a program that is exepected to be extended to the whole country soon, and the committe charged with making recommendations on drug policy have reported that it should be decriminalized, which is expected to be accepted by the Home Secretary. In fact, in the UK, the whole "War on Drugs" approach is widely seen as a failure, with the minor opposition party having decriminalization of all drugs (As happened in Portugal last year) as a platform, and many members of both major party agreeing with that policy. BTW, the drug most likely to be associated with crime is ... alcohol. "between 72% and 82%, depending on the area, testing positive for alcohol. " (http://www.druglibrary.org/schaffer/Library/studi es/runciman/pf7.htm)
Re:Bayes Theorem (Score:3, Insightful)
Hardly a UK specific viewpoint, even in the US there is plenty of evidence that prohibition/war on drugs is an expensive farce.
Maybe with the possibility of a ceasefire in the "war on drugs" politicans feel they need a "war on hackers" to compensate.
What Is Considered "Subversive and Illicit" (Score:3, Insightful)
"It's older, it's not tied to Microsoft or AOL or a big company, it's one of the Internet protocols ... so if you're running Windows or Linux or Macintosh or another flavor of Unix, you can use it," says Schneier. "So it's not that it's more suitable for hackers to use, it's just a more basic service and people who are anti-big-corporation are going to be more likely to use something like IRC."
This spokesperson is basically saying that chat outside the venue of a benevolent, all-watching big corporation is evidence of intent to cause harm to the capitalist system, by extension. (and don't forget all of the child molesters hanging out on ... er... AOL!!)
While many are mocking the origin of the story, don't laugh.
Civil liberties can easily be eroded by the F.U.D. and implied subversion that a large media company such as CNN can implant in the minds of readers over a perior of time. "Chat room" == "bad unsupervised people up to no good" can become implanted in reader's minds subtly by repetition... with the terrorism paranoia running rampant in our society, spin like this ain't positive.
This den of 3\/1|_ |-|@x0r5 must be stamped out. (Score:2, Funny)
This credit card theft, cracking, terrorism promoting menace of a protocol and its operational cells [cnn.com] must be stamped out immediately! Somebody call John Ashcroft!
I'll take irony for 500, Alex.
Goodness gracious!! (Score:2)
the picture (Score:2, Funny)
Government knows already (Score:2, Informative)
That criminals use the internet for 'identifty teheft' is not news Even the US government is on the case: [house.gov]
The original article seemed very alarmist. Is it really such a problem? My skimming of a US government report from some years ago [gpo.gov] revealled the following interesting information (emphasis added):
The Wild Wild West. (Score:2, Funny)
YEEEHA!! I'm gonna rustle me up some trout to slap!
Check your wallet. (Score:5, Funny)
Opens up wallet.
OMG! He's right! Someone stole a CC number off the Internet and put it in my wallet! These hackers are good!
This story (Score:3)
The author [cnn.com] "With more than 23 years of journalism experience to draw from, Renay San Miguel is a technology anchor and correspondent for CNN Headline News based in CNN's world headquarters in Atlanta....From 1997-2000 he was with CNBC, where he served as a correspondent specializing in technology and the Internet. "
really needs to have 23 years of experience in how to research a story. And anyway, how on EARTH can someone from 1997, "..specializing in technology and the Internet.." not have ever used or seenIRC???
If he knows what IRC is, and STILL wrote that, then he really is just a sh1t stirrer, first class.
Nothing to see here: move along!
Read carefully, Slashdotters (Score:2)
This is the real thrust of the article, although it's brevity and excessive misuse of the word "hacker" makes it easy to miss. The article isn't slamming IRC as an evil haven of credit card thieves, it's pointing out that there's an entire chunk of the Internet called IRC that most people aren't aware of, and that it's possible, if not likely, that your credit cards and other personal information are being bought and sold on it right now.
Re:Read carefully, Slashdotters (Score:2)
And yes, it's a real concern for those that aren't aware of identity theft, don't fully examine their bills, and so forth. It may be a surprise to people that their CC#s, once revealed -- which they do every time they use them -- might be posted somewhere and used 'round the globe until the issuer's fraud-detection algorithms flag the number, or the limit is hit. And some may not be aware that the Feds aren't completely oblivious to the situation...
ugh, hackers? (Score:2)
between a hacker and a _cracker_? I've spent
enough time on IRC to know 99% of the people they
talk about in this article are just clueless
12 year olds who try to impress eachother
with their 'el33t'
Uniformed Reporting (Score:3, Interesting)
Of course these people will go to IRC chat rooms all the time, hell like every other type of computer geek on the internet they like to boost. It's natural for a geek to go somewhere and brag about their exploits.
The claim that identity theft is running wild and it's the fault of the hackers is an amazing assumption. While I do believe things like this happen to people around on many occasions. I do not believe it's as large scale as some people would have us believe. I have seen many more cases where identity theft is caused by people in the real world either losing their wallets. or other malicious deeds in which a criminal gets information from a victim.
You should automatically assume your credit card was stolen? Frankly if your not reviewing your credit card transactions you are a fool. But again. there are many more cases of this happening because of a store employee collecting the information some nameless computer hacker who is out to get you.
Why would things like pirated software, child pornography, and stolen information be available on IRC? It's a quicker communication medium. It's easier and faster for people to exchange the information then web pages or e-mail.
People use IRC networks like EFNET, DALNET, GAMESNET, etc. as opposed to AOL or Microsoft because the big business companies consider their users to be morons that don't need more advanced forms of software. When your network blocks out all types of profanity because it's "bad" many people are going to look to communicate where they can speak as they wish.
As for the law enforcement issue it is up to all the irc networks in question to regulate the going on in their own set of servers. I'll use Gamesnet as an example. They are constantly attempting to stop the "warez trade" from happening on their network and have assisted law enforcement when they find out their users are committing crimes.
The FBI gets lucky because like all criminals people who are involved in things like identify theft, child pornography sing like canaries. that's the only reason they get lucky. the boasting of hackers helps the FBI catch hackers
Not according to this guy.... (Score:2)
Depending on how you read it, it's either hilarious parody or a woefully misinformed parent. I was in the hilarious parody camp until I saw the rest of his articles. [adequacy.org]
Did I lose my mind... (Score:2)
Is someone going through the list (sorted first name first, like every ignorant person will do) and doing something to those people? Is there something in common? Or everyone and his dog suddenly became a patriot of the Corporate States of America, so those coincidences are merely a result of high density of this ?
To be honest, I would be equally disgusted in both cases, so I'll rather stick with the hypothesis of my insanity.
if they think IRC is hacker heaven... (Score:2, Interesting)
Absolutely absurd. (Score:2)
And I don't totally trust this "Applebees" restaurant chain, neither. John Birch says they're pinkos.
Dont hope my Mom reads this. (Score:2)
which i am ofcourse i hack some c every day, but never the less this could set my reputation in a wrong perspective, lets DDoS CNN again =D
Quazion.
Oh yeah, god forbid! (Score:3, Insightful)
Trading porn including child pornography (tm).
Trading illegal mp3's.
Trading illegal movies.
Trading illegal books.
Trading illegal software.
Trading illegal TV shows.
Stalking.
Preying grounds for Child Molesters (tm).
Learning BAD english "31337 anyone???"
Discussing illegal activity.
DOS zombie gathering points.
Trojan access gathering points.
Oh, and of course, its primary purpose, so that large groups of people can easily gather online in a user friendly way to discuss various topics of interest to them.
People, its a tool, nothing more. You can use it legally or illegally. I can cut butter or stab someone with a knife. I can buy food or drugs with money. I can use a telephone to call my friends to say hi, or I can prank call someone and threaten to have them killed. And yes, if I really wanted to, I could use IRC illegally. As could I with AIM, or yahoo's chat/forums, or anywhere else that I wanted to.
Yes CNN, Chat rooms are most likely havens for hackers (tm). Its not so much an issue of debate, but an issue of declaring the obvoius. I'll bet they use phones too. And Email. And websites. I mean, if there wasn't an internet, there would still be hackers even though all the reasons you think they're bad would be null and void. Hackers pre-date the internet, even those inflicted with malice. Although, script kiddies are a rather recent breed.
-Restil
Re:In other words... (Score:2, Insightful)
Re:In other words... (Score:2)
Even worse, he's doing his job for AOL. Do you really think that the main goal of CNN is to inform the people?
Re:In other words... (Score:3, Interesting)
I don't think that was either the Schneier's point. I think Schneier was just pointing out the obvious.
If I am not mistaken, AOL has always monitored and censored their chatroom conversations. As a corporation, AOL has the ways and means to control the whole process. With IRC there is not any centralized control--someone can be running an IRC server in their dorm room, specifically FOR illegal activity, and there's nobody for the Fed's to subpoena, since they probably won't even know about it.
All Schneier was saying is that it's a no-brainer for the criminal types to use IRC instead of some sort of proprietary corporate communication method.
Re:In other words... (Score:2, Informative)
AOL does indeed monitor chatroom conversations, but not all at once, and you know when they're being watched, as a screenname "Guide####" appears in the list of people there. In addition, if someone's causing a ruckus, a Guide can be "paged" or someone can submit a TOS violation report, and they'll investigate.
Likewise, for IM conversation (ie, one-to-one conversations), someone can send a TOSV report, and AOL will investigate. But that's only for their ISP users (people that pay for the service), not AIM users.
My guess is that either all conversations are logged and purged after like a day or so, or a snapshot of the conversation is made when a report is filed.
Re:anti big corporations (Score:2)
While we're at it, why don't they just go ahead and just take money right off from our paychecks...soon it will be illegal to give something for free! It's hard not to become cynical in the face of such corporatism - at least they had the honesty of reminding us that AOL/Time Warner is the owner of CNN.
Re:anti big corporations (Score:2)
Its just that most things the tax would be $0.00001 so nobody bothers.
Re:The horror! (Score:2)
Re:paper tiger (Score:2, Informative)
These things do happen!
Re:paper tiger (Score:4, Informative)
Here's just one example of organized credit card fraud on the Internet. Some software piracy groups have *entire segments* dedicated to credit card fraud. They even have a name for these folks: "carders." They'll "card" a laptop, CD writer, etc. for you, and find a way to get it safely received. Many of these folks have huge lists of names, addresses, and credit card numbers that often come from compromised websites.
It's happened to me before. Luckily, I caught it, and I learned from my mistake. I've found a way to help defend against this kind of attack.
Everyone should think about using one-time-use credit card numbers when making purchases from anyone over the phone or Internet. Several credit card issuers offer this feature. Here's an example [mbnashopsafe.com] of one of them.
Re:The first sentence (Score:2)
It's not that way to the real world. It's that way to an uneducated, luddite media (this writer's the technology anchor, for crying out loud, so there's no excuse whatsoever, including "dumbing it down"). When the real world is given 15 seconds of information, they figure out that the web is one part of the internet. They remember that. Really, they do. Go try it with your neighbors sometime -- they're smarter than you give them credit for. If their top technology guy doesn't know the difference between "web" and "Internet", this tells me what I need to know about CNN, and, scarily enough, about AOLTW.
Re:Oh Really? (Score:2)
It's along the same lines of saying that assume that somebody might consider stealing your car every time you park it in a public lot -- meaning that you should lock the doors, secure any valuables out of sight, and so forth.
Re:What we knew all along (Score:2)