digg

Facebook Connect Join Digg About

Crackers learn from open source?

pcadvisor.co.uk Hackers are using techniques popularised by developers of open-source software like Linux to improve their malicious code, a researcher at McAfee has said. Also see http://trends.newsforge.com/article.pl?sid=06/07/15/1331229& from=rss on Microsoft FUD potential

Who dugg this? Made popular Jul 17, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

55 Comments

show profanity settings
expand all
  • inactive, on 10/12/2007, -2/+61"Crackers learn from open source?"

    I didn't even know trailer-parks had computer labs.
  • j3one, on 10/12/2007, -9/+42mmm, white boy got code skilz... !
  • Kamaji, on 10/12/2007, -3/+31Ooh boy, maybe we should ban open source, I mean, that will fix the problem, right?
  • bobpaul, on 10/12/2007, -6/+31I hate headlines like this. They're so stupid and misleading.

    Should read "Crackers use OSS Programming tools" which should be expected. Open source tools are free, afterall.
  • YourTechSupport, on 10/12/2007, -1/+25Don't forget, when you use Open-Source, you're utilizing COMMUNISM!!!!
  • Flankk, on 10/12/2007, -2/+16The people who believe full disclosure is a security threat are the same people who think their software is safer closed source.
  • pcholt, on 10/12/2007, -1/+14Stay tuned for the response story, "Hackers eat at McDonalds"!

    "Many hackers and writers of malicious viruses and worms sustain their bodies using the energy provided by the McDonalds chain of restaurants... "
  • Kickboy, on 10/12/2007, -4/+17How is the obvious news?

    Oh wait... I forgot Microsoft and other companies are still doin' the anti-opensource propaganda.
  • j3one, on 10/12/2007, -4/+15"We think [open-source anti-virus products] are fine. They've never been something that was really in the same class as ours, but we've always been big supporters of open-source anti-virus," he said.

    HAHAHAHAHAHAHAHAHAA... McAfee... that's rich.

    Whats disturbing is that these people are really that convoluted and out of touch with reality. These are sad times my friend.
  • kubudubudubuntu, on 10/12/2007, -1/+10they go out of business if Linux really makes it,. And right now, Linux has got a pretty good chance to do so.
  • chad78, on 10/12/2007, -1/+10I thought that the article was going to be about Nabisco open sourcing the recipe for Triscuits, Ritz, and Cheese Nips.
  • musteval, on 10/12/2007, -0/+9Uh ... yeah. Welcome to the wonderful world of syllogisms, I guess?
  • kurotenshi, on 10/12/2007, -0/+8The PC Advisor article is completely misusing the terms. Hackers actually started the Open Source Movement...It's a shame how we degrade language through pop culture/ignorant media.

    Hacker
    n. [originally, someone who makes furniture with an axe] 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. 2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming. 3. A person capable of appreciating hack value. 4. A person who is good at programming quickly. 5. An expert at a particular program, or one who frequently does work using it or on it; as in `a Unix hacker'. (Definitions 1 through 5 are correlated, and people who fit them congregate.) 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example. 7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations. 8. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. Hence `password hacker', `network hacker'. The correct term for this sense is cracker.

    Cracker
    n. One who breaks security on a system. Coined ca. 1985 by hackers in defense against journalistic misuse of hacker (q.v., sense 8). An earlier attempt to establish `worm' in this sense around 1981-82 on Usenet was largely a failure.
  • buzzedlightyear, on 10/12/2007, -0/+6``In fact it's probably easier to write a virus for Linux because it's open source and the code is available. So we will be seeing more Linux viruses as the OS becomes more common and popular.'' -McAfee 1997
    mcafee makes some pretty stupid statements sometimes.
  • tarball, on 10/12/2007, -0/+5I'm not quite sure what this article is trying to highlight.

    Is it pointing out that Crackers are using a free compiler?? (And if GCC wasn't available wouldn't they just pirate Visual Studio?) Or is it that they are examining OSS code and figuring out ways around security?

    If it is that they are examining code, why are most of the exploits still aimed at Windows which is still closed source?
  • crilen007, on 10/12/2007, -0/+5In traditional logic, a syllogism is an inference in which one proposition (the conclusion) follows of necessity from two others (known as premises). The definition is traditional, but is derived loosely from Aristotle's Prior Analytics, Book I, c. 1. The Greek "sullogismos" means "deduction".

    http://en.wikipedia.org/wiki/Syllogisms

    For those who don't know what it means (like me, cause I didn't).
  • lowerlogic, on 10/12/2007, -0/+5I was thinking the same thing. oWhen I saw the headline "Hackers learn from open source" I thught, "No duh! Hackers are people who write open source programs!" Then I remembered how every non-hacker created media outlet misuses the word 'hacker'. Oh well.
  • golgo13, on 10/12/2007, -1/+5PoptartKing, you're unfairly picking an arbitrary/ relatively new open source product and comparing it to a closed source product. For instance I could just as easily say that McAfee sells an inferior product because McAfee's products don't run under Linux while ClamAV does. We could however compare commercial servers using ClamAV vs commercial servers running McAfee AntiVirus, is there even one? How well does McAfee's product run on Windows 98, I'll bet it doesn't compare to ClamWin's performance.

    Given the choice between running McAfee's Antivirus product and nothing, I'd choose nothing. I can't argue with your preference, but because you *like* something more that doesn't make it a better product.
  • bobpaul, on 10/12/2007, -0/+4@i440
    He wasn't being cute. [Deprecated] is written in front of definition 8 on Dictionary.com
    See for your self http://dictionary.reference.com/browse/hacker
  • 022A, on 10/12/2007, -1/+5It's not pointing out anything.

    The guy who made the statements and the guy who published them are both being irresponsible. They're name-dropping "open source" because the term is hot and they want to raise awareness of Sage and earn hits respectively. They might as well have gone all the way and referenced some kind of terror angle to complete the promotional mix.
  • Kazrog, on 10/12/2007, -0/+4Propaganda. Why criticize what you don't understand?
  • 022A, on 10/12/2007, -4/+8It's time to let go of the term hacker. It doesn't matter where it came from or what it "really" means. The malicious definition is so pervasive that everyone would be better served by just outright explaining what they do or coining new terms until something catches on.

    Someone who still insists on calling himself a hacker is nearly as bad as the ***** who get a kick out of saying niggardly instead of stingy.

    They're more interested in smugly "educating" someone than commincating clearly in the first place.

    Get over it, move on. Take a cue from make: magazine and find something new.
  • jlabs, on 10/12/2007, -2/+6"The people who believe full disclosure is a security threat are the same people who think their software is safer closed source"

    full-disclosure IS a security threat..when the researchers are irresponsible and don't wait until a proper fix has been released distributed.
  • bobpaul, on 10/12/2007, -2/+6@i440
    But they aren't using techniques popularized by OSS programmers. They are using OSS programming tools. "Techniques" makes it sound like they are using programming methods learned from Open Source Developement. They aren't. Using MS VisualStudio isn't a technique. Neither is using CVS to store your code.

    Now if they were borrowing code from the linux kernel to make their viruses or something, that'd be a different story. But how is this news other than it was a statement made by some idiot at a large company? If I was writting a virus, I would probably be a pretty smart programmer. As a smart programmer I would use the best tools for the job. Tools like CVS mentioned in the article are really good tools, plus they're free so I don't have to spend money buying tools to write viruses, or waste time pirating tools to write viruses, I can just get down to work. This really is a "no *****" situation.

    Smart programmers do smart things, but that really doesn't have anything to do with the open source movement. McAffee just wants attention, and FUD like this provides it.
  • PoptartKing, on 10/12/2007, -3/+6errr...
    Have you tried open-source virus protection programs? Not to hate on clamwin or winpooch (I use both when on windows), but McAfee beats the everloving hell out of them at the current time. They're continually improving of course, but right now they just aren't very impressive.

    Don't immediately jump on derogatory comments by propietary software devs just because they're from propietary software devs.
  • PoptartKing, on 10/12/2007, -1/+3I'm comparing the two because that's what the McAfee person was comparing, the comment which others found ridiculous and I'm attempting to defend. I'm not arbitrarilly pitting the two.
    As the onus is on me, I might as well start throwing around links:
    http://www.pcwelt.de/news/sicherheit/132680/
    http://www.virus.gr/english/fullxml/default.asp?id=72&mnu=72
  • crilen007, on 10/12/2007, -1/+3One can only hope and dream of such a reality.
  • PommieZ, on 10/12/2007, -2/+4Opensource is helping malware makers because they use CVS?
    Good Lord! What's next, using Microsoft Word to write a ransom note for a kidnapping?!?
    DAMN YOU, CLOSED SOURCE OFFICE SOFTWARE!
    </sarcasm>
  • Deusiah, on 10/12/2007, -0/+2Hackers don't write malicious code with bad intent, "Cracker" is the correct term n00b :P
  • whiterajah, on 10/12/2007, -0/+2The one thing that's interesting in this article is that crackers / hackers are now more organized and sophisticated than they were in the past. Constructing botnets is no longer just for script-kiddies swapping techniques on IRC channels, but for real organized criminals using the best tools available to them to co-ordinate their efforts. And some of the tools happen to be open source project management techniques. The targets are still unsecured Windows systems, though.
  • koguma, on 10/12/2007, -2/+3Misleading title. It's Hackers, not Crackers. Very very different types of people.
  • pcholt, on 10/12/2007, -1/+2For those who missed the reference:
    http://www.netc.org/openoptions/background/roadster.html
  • regeya, on 10/12/2007, -2/+3I can just see the kuro5hin.org posts now: "OPEN SORES HELPS HACKORZ LOL"

    Never seen a bigger bunch of MS fanboys in my life! Well, except for any publication Dvorak works for. *wink*
  • sailor, on 10/12/2007, -0/+1This propaganda brought to you by open source haters everywhere...
  • nofxjunkee, on 10/12/2007, -1/+2This is complete BS. OMG THEY'RE USING CVS! ... I'm pretty sure that Windows & Mac OS dev teams keep their ***** in version control as well. Pretty much any significant project does, at least the sensible ones. Whether they release the code or not.

    Poor McAfee can't keep up with them and is looking for a scapegoat.

    Even if they use open code to create viruses, open code allows anyone to learn regardless of intent. Like a library.
  • sworoc, on 10/12/2007, -0/+1"We think [open-source antivirus products] are fine. They've never been something that was really in the same class as ours, but we've always been big supporters of open-source antivirus,"

    Interestingly enough, I agree that clamAV is in a much different class than McAfee... in my computing experience, I've never gotten a virus while using clamAV. However, my family members have frequently had problems with viruses while using McAfee. Maybe it's because I'm using an OS written by those terrible "Open Source Hackers".

    Either way, it's only a matter of time until we see the difference between McAfee and those other programs that aren't in their class. May the best man win.
  • jlabs, on 10/12/2007, -3/+3"In fact it's probably easier to write a virus for Linux because it's open source and the code is available. So we will be seeing more Linux viruses as the OS becomes more common and popular.'' -McAfee 1997"

    Mcafee was under the impression that linux would be in every home within the coming years...they were wrong...which is why there are no/few linux viruses. Cluture is a key component to the spreading of viruses (an example of this: Name the last new DOS virus..can we conclude that it's as secure as linux?)
  • synkipate, on 10/12/2007, -1/+1In other news....kids learn how to swear and fire guns from TV and video games!

    ...Waste of Digg-space
  • Garda, on 10/12/2007, -3/+3Something boils inside of me just a little when i read ***** like that.

    It's the same thing as saying that there's something wrong with Ford because a crazy guy decided to run down people in a Ford. Or that K-Mart is an irresponsible company because the steak knife that somebody used in a murder was bought from K-Mart.

    I've got something for you, I bet that >90% of all the child porn on the Internet is being viewed by people using Microsoft Windows. I think that everybody should be enraged that M$ is supplying the people exploiting young children with the technological means to do so.
  • jlabs, on 10/12/2007, -3/+3"The PC Advisor article is completely misusing the terms. Hackers actually started the Open Source Movement...It's a shame how we degrade language through pop culture/ignorant media"

    I hate to tell you this, but the word "hacker" and "cracker" have new meanings. Just like the word "gay". In the 50's, it meant to be happy..but I don't think you would be using it in that context these days. It's not being misused..it's just the evolution of language.
  • opusagogo, on 10/12/2007, -2/+2This article is correct. I solved all my car problems after I paid to get my hood wielded shut!
  • userian, on 10/12/2007, -1/+1Crackers learn from McAfee?
    "crackers learn techniques such as annoying popup windows and software that likes to leave its mark all over the system from McAfee"
  • bobpaul, on 10/12/2007, -2/+2@jlabs
    DOS is probably even more secure than linux. Have you ever tried to use DOS in a networked environment? What a pain in the ass! But seriously, without decent networking support viruses spread very slowly. There are more viruses for XP than other platforms for 4 reasons:
    1) Networking is highly integrated, but the firewall isn't and was off by default.
    2) It's had many bugs that allow remote code execution, specifically in Internet Explorer (which is also heavily integrated) and some of the network stacks of windows itself.
    3) Users almost always run as administrators.
    4) Strive for backwards compatibility (which caused some of the above choices to be made).

    I don't expect there to be as many viruses for Windows Vista because of some of the changes they are making to address my short list above (IE is seperate, password required to do "administrator" things, firewall on by default, etc). Does that mean it'll be less popular than XP? Maybe, but not because it doesn't run viruses as well.

    Sure, if I was writting a virus I would sort of look for what product has the most market share. What I'd look for is "which security hole has the most market share." That's why there are still more viruses written that exploit Windows IIS than Apache even though the latter is a very popular webserver, perhaps more popular.
  • crilen007, on 10/12/2007, -2/+2What?
  • aphor, on 10/12/2007, -1/+0Lynch Donald Knuth! He is the living vessel of Satan, like Alan Turing or Charles Babbage before him.
  • infonography, on 10/12/2007, -1/+0Well here we have an example of the few remaining Priests of Technology. They wear white coats and think that people should stay out of their labs.

    Not quite a Mad Scientist, more of a grumpy curmudgeon.

    Refer to this URL as to what he is; use the chart!! http://www.toodarkpark.org/textfile.cgi/computers/humor/sysadmin-types

    I vote for The ADMINISTRATIVE FASCIST
  • JonForTheWin, on 10/12/2007, -3/+2This article is horse *****. CVS is a collaboration tool. It's a tool for collaborating to make better . . anything.

    Here's a perfect analogy for this article:
    "The (illegal) president bush and dick cheney and other criminals are able to conspire better because of their filing cabinet. Oh what a price to pay for the technology of how to build a filing cabinet be open."

    This is propoganda for the windows sheep to feel nice and comfy.
  • bobpaul, on 10/12/2007, -3/+1
  • infonography, on 10/12/2007, -2/+0sorry, it's FASCISTIC IDIOT:
  • i440, on 10/12/2007, -5/+1Sorry, but just because you decided to be cute and add the [deprecated] tag in front of definition number 8 doesn't mean that the definition will suddenly disappear from the dictionaries. All of you "hackers" need to suck it up and accept that, in society, a hacker can mean either one who "who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary" /or/ "[a] malicious meddler who tries to discover sensitive information by poking around" If you don't like it, stop using the term.
  • Fetching more discussions...
    Show 51 - 55 of 55 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.