Sign in to follow this  
Followers 0
StankDawg

INTENT is important!

12 posts in this topic

Because it is a common occurance in this forum in particular, I thought that I would post a clarification for anyone who may post here that INTENT is a very important part of your post. Intent is a legal term that shows what your goal is and is similar to a confession (in advance) to what you are trying to accomplish.

I think an example may clarify...

BAD QUESTION:
[quote]I want to hack into my ex-girlfriends web site which is a blog that runs WORDPRESS. Can someone tell me how to do this?[/quote]

GOOD QUESTION:
[quote]Does anyone know if wordpress version 1.3.1 has any vulnerabilities?[/quote]

The reason why these posts are different is the intent of the posts. The first example is a request for assistance in doing something illegal. This is not (necessarily) a statement towards the MORALITY of this action, but more to the LEGALITY of asking here in these forums. By stating your intent, that makes me liable for any actions that may result from the responses posted here. It can be claimed that I not only allowed, but encouraged it by allowing the thread to exist and allow responses to it. This is one of the reasons that we have certain rules.

The second post is better because it does not state any intended purpose. It is a simple question and we do not know what your intent it. I trust that anyone posting like this is doing it for reasons of their own and are probably testing out the security on their own box that they control. I give all users the benefit of the doubt. But if you post something that explicitly states some intent, then the moderating team is forced to take action. I also remind our users to LET THE MODERATORS HANDLE THESE. Do not quote the rules at people because ultimately only the moderators are trained (and yes, they do get training) to be able to intepret this.

Hacking is about exploring. And breaking/hacking wordpress (or anything else) is a valid topic and very much encouraged for discussion. You just have to be doing it for the right reasons. If you are doing it on your box (or assumed to be doing it on your box) then this is good, healthy curiosity and an educational pursuit. This is great and we welcome that pursuit.

All I am saying is "THINK BEFORE YOU POST". Thank you.

Share this post


Link to post
Share on other sites
I dont think people will follow this.

If you understand enough to say "i need to be able to hack wordpess blog running 1.3.1" then you will not say, "i need to break into my gf/bf's blog"

Share this post


Link to post
Share on other sites
I agree with you 100% StankDawg. The main issue I think many of the younger individual's on these forums do not understand is that the idea of hacking is not causing any damage. For example, I have accessed systems as I’m sure most people on these forums have. However, when doing so I never destroyed any data or document's and always informed the company of the security hole so that they can have adequate time to fix the bug.

I would hate for these idiots to ruin everything the group has built up, do to some child not fully comprehending the legal aspects of what they are attempting to do.

[b]I think it’s also important to note: [/b]That federal agency’s access these sites regularly – and the moderator’s have a duty to protect the community’s servers from being pulled down due to a government agency investigation. I’ve known companies and organizations that have had this happen in their data-centers and it really sucks.

Share this post


Link to post
Share on other sites
I completely agree.
Hacking is for intellectual knowledge, hacking is not for physical gain, revenge, popularity, or media attention.
I would much rather be paid to hack something and fix its' vulnerabilities, then hack something and go to prison. Edited by R4p1d

Share this post


Link to post
Share on other sites
[quote]... FAIL ...

Its obvious noone gets on google anymore, because the Answer is right there ... Take it from me, you learn more by not doing something then you would attempting something!!! if its revenge or something bad in your thoughts ... Let it go! If its wondering how something works, install a system like thiers, or have a friend do it, and have them give you access to a prive system to test on[/quote]

umm I think people understood me wrong, I'm sorry again if I gave the wrong question, like I already said I want to learn more stuff, and my main goal isn't about cracking websites,systems and stuff, I just want to learn hacking in general. And I don't have any problems with my gf, (i got her password for myspace) and I'm sure I wouldn't do anything stupid like that just to check if she is cheating on me.

[b]Just Note that[/b] I'm not cracker, I want to learn hacking.(Definition is here:http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci212220,00.html)

:huh:
1 person likes this

Share this post


Link to post
Share on other sites
I think we should come up with more GOOD question BAD question examples, I found the girlfriend one hilarious. :P

Share this post


Link to post
Share on other sites
[quote name='StankDawg' timestamp='1207711881' post='304724']
Because it is a common occurance in this forum in particular, I thought that I would post a clarification for anyone who may post here that INTENT is a very important part of your post. Intent is a legal term that shows what your goal is and is similar to a confession (in advance) to what you are trying to accomplish.

I think an example may clarify...

BAD QUESTION:
[quote]I want to hack into my ex-girlfriends web site which is a blog that runs WORDPRESS. Can someone tell me how to do this?[/quote]

GOOD QUESTION:
[quote]Does anyone know if wordpress version 1.3.1 has any vulnerabilities?[/quote]

The reason why these posts are different is the intent of the posts. The first example is a request for assistance in doing something illegal. This is not (necessarily) a statement towards the MORALITY of this action, but more to the LEGALITY of asking here in these forums. By stating your intent, that makes me liable for any actions that may result from the responses posted here. It can be claimed that I not only allowed, but encouraged it by allowing the thread to exist and allow responses to it. This is one of the reasons that we have certain rules.

The second post is better because it does not state any intended purpose. It is a simple question and we do not know what your intent it. I trust that anyone posting like this is doing it for reasons of their own and are probably testing out the security on their own box that they control. I give all users the benefit of the doubt. But if you post something that explicitly states some intent, then the moderating team is forced to take action. I also remind our users to LET THE MODERATORS HANDLE THESE. Do not quote the rules at people because ultimately only the moderators are trained (and yes, they do get training) to be able to intepret this.

Hacking is about exploring. And breaking/hacking wordpress (or anything else) is a valid topic and very much encouraged for discussion. You just have to be doing it for the right reasons. If you are doing it on your box (or assumed to be doing it on your box) then this is good, healthy curiosity and an educational pursuit. This is great and we welcome that pursuit.

All I am saying is "THINK BEFORE YOU POST". Thank you.
[/quote]

Yes i completely agree. Although, at times, there are times where you have to be specific enough for people to help you. Things like "i need to hack my xgf's blog. it runs wordpress" are way too specific but sometimes you have to be specific to be able for people to know your situation enough to be able to help you

Share this post


Link to post
Share on other sites
[color="#00FF00"]I agree, but if the intent is truly harmless you should not post viscerally. Hacking and Cracking differ in the fact that one is harmless (Hacking) and one is malicious (cracking).[/color] Edited by nibpunk

Share this post


Link to post
Share on other sites
[quote name='nibpunk' timestamp='1326580065' post='360163']
[color="#00FF00"]I agree, but if the intent is truly harmless you should not post viscerally. Hacking and Cracking differ in the fact that one is harmless (Hacking) and one is malicious (cracking).[/color]
[/quote]

Cracking can be harmless too. If it is done on a computer or on software that YOU OWN.

Share this post


Link to post
Share on other sites

Makes alot of sense StankDawg,

 

I find this as one of the few forums that actually practices or tries to teach its users about common sense. definitely going to like this site. thanks for the heads up.

Share this post


Link to post
Share on other sites

I agree with you 100% StankDawg. The main issue I think many of the younger individual's on these forums do not understand is that the idea of hacking is not causing any damage. For example, I have accessed systems as I’m sure most people on these forums have. However, when doing so I never destroyed any data or document's and always informed the company of the security hole so that they can have adequate time to fix the bug.

I would hate for these idiots to ruin everything the group has built up, do to some child not fully comprehending the legal aspects of what they are attempting to do.

I think it’s also important to note: That federal agency’s access these sites regularly – and the moderator’s have a duty to protect the community’s servers from being pulled down due to a government agency investigation. I’ve known companies and organizations that have had this happen in their data-centers and it really sucks.

 

As you've pointed out, it's a maturity factor involved. I've never personally cracked systems, but I'd like to learn programming and go for my CEH and become a white hat (which sounds like the capacity you were functioning in when you notified the company of the security hole). I personally think that due to the recent celebrity status (more like infamous status) attributed to groups like LulzSec, Anon, and more recently the Lizard Squad alot of young computer users and even those with potential to do good, are being misled into believing that the actions carried out by groups like Lizard Squad is harmless fun.

 

Anon is a completely different entity in it's functionality as a whole, and that's another topic. but majority of young users are not seeing the forest for the trees in my humble opinion.

 

And as expected, I would be more surprised if government agencies didn't lurk these styles of forums. the best way to be protected from new exploits and security holes is to jump into the pit with the vipers and try and gleam some information on new happenings. but at the end of the day, what can you do? you can lead a horse to an IDE but you can make him remember the proper syntax (I think that's how the saying goes  :P )

Share this post


Link to post
Share on other sites
[quote]BAD QUESTION: [quote]I want to hack into my ex-girlfriends web site which is a weblog that runs WORDPRESS. Can someone tell me how to do this?[/quote][/quote] To which I probably would have replied, "why even bother? It's Wordpress, so the damage has already been done". (Just eating the low-hanging fruit, Stank.)
1 person likes this

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0