\ / _\/_
Scene check .-'-. //o\ _\/_
-- / \ -- | /o\\
Stay on top but remain from the underground | |
Here's a small excerpt from the latest Phrack, containing a couple of
interesting statements. Jesus this editor really needs an editor.
> We didn't get any news from the Underground since our last phrack issue,
> it means that one more time all the news reports are coming from
> friends of our's.
> It would be good if people who claim themself "underground" would send
> us their news...
> Is our underground dead? (apparently yes...)
Did you not see ZF04? 2l8? Geist? The underground is here. The news is getting
around, with or without you. (Shouts to the hardcore at 2l8, geist, h0no,
dikline, everyone who didn't want to be named, and everyone else)
This year is retro. Lots of hacks. Brings a warmth to our hearts. And pr0j3kt
m4yh3m is back, the kids have taken it up. It's probably temporary, and it
might just be the latest way for a bunch of people to try to get attention.
We'd like to hope that it is not just a fad, that some people are really
behind it and genuinely want to exit the skiddie scene. If we can give one
piece of advice though, it's that even in pr0j3kt m4yh3m--nay, especially in
pr0j3kt m4yh3m, some targets are more worthy of your time than others. It's
a black and white world, where some white is worse than others and really
needs to be hit.
The other side of that is that some white is better than others. Even people
who thoroughly support the pr0j3kt will grudgingly acknowledge that there are
some whitehats that we don't need to despise and attack. One particular group
that we have trouble coming to terms with is hackers who moonlight as security
professionals. The worst kept secret in the scene is the huge prevalence of
underground characters who play whitehat during the day and hacker at night.
We can slag them all for deluding the scene for years and spreading rhetoric
that contradicts their actions. But we won't, too much.
We aren't here to criticize. In many cases, we're talking about our betters
and/or our elders. We recognize your talent. You're good and you deserve to be
paid for your expertise. But we need some new kind of morality. Maybe now it's
cool to hire blackhats, like a bribery thing. Pay a nice wage to a former
blackhat, for his skills not his leaks, and the scene will leave you alone
more. Buy two blackhats and we'll give you a free slurpee. This kind of
understanding could work as long as it is respectful: you and your hacker
cannot abuse the underground. Don't leak, don't kill our bugs, keep us a little
bit informed, let the hacker share his research with his friends. You gotta
give a little back to the scene, you know? Everytime a blackhat moves up, it
hurts the scene. He loses valuable hacking time. He gets compensated, but we
don't, so we are a little bitter. But that's the way it is. If you can hire
talent in a way that minimizes the damage to the scene, we can respect that. It
wouldn't be pr0j3kt m4yh3m anymore, it'd be Project Reality. We can save the
fury of pr0j3kt m4yh3m for those who do not comply and who pretend that the
underground does not matter.
That goes for purebred whitehats too. If you have a (proper) blackhat friend,
that goes a long way to keeping you from ending up in one of these. Discuss
techniques, offer advice, and never turn on him.
To all the new kids out there: learn to code really well. Knowing how to hack
pigeon holes you into doing security or admin work (and who really wants to do
admin work?). But if you can hack and code REALLY well, you have *many* more
options to explore. But the most important thing to remember is to hack and
have fun. Once you quit having fun with this, it's a job. And that's not the
spirit of hacking at all. Not at all.
Maybe the scene is rebounding. Really, the only thing we can do is hack
together or not hack together. As long as we have the smarts to rm others and
not rm ourselves, let the good times roll.