Why won't people let you help them?

What is right? Is there right? Are you right?

Re: Why won't people let you help them?

Post by Phantom Wolf on Mon Mar 21, 2011 10:18 pm
([msg=55348]see Re: Why won't people let you help them?[/msg])

Goatboy wrote:I am pretty sure people get mad based on some psychological desire to be right. By revealing a flaw in their system, you are essentially saying "You dun goofed." Or it might just be that they see you as a threat and don't know any other way to react.

This is true in many cases, but I'd like to add something.

More and more I see a lot of 'webmasters' who use something like FrontPage to build their website and know hardly anything about HTML, much less things like PHP or SQL. So, when a well-meaning person finds a problem and tells them about it, they get scared and don't really know how to react. A lot of them probably jump to the conclusion that if this person knows how to do this, then they're some kind of super-hacker, and they inherently think that all hackers are evil people looking to destroy stuff and steal personal information. Therefore, they jump to the conclusion that this well-meaning person is a threat

Just an idea, I could be wrong.
pretentious wrote:My post was mealy suggesting that the action by itself might not be illegal, only the consequence.
You get arrested for killing the person, not firing the gun. Or something like that. Anyway, it's not worth debating, i'm probably wrong.

What about attempted murder? You could get arrested for firing the gun and missing. I think it's a matter of intentions. I might ask my lawyer next time I see him, he's a member of the family so I see him every once in a while
"Well it isn't my fault. I shouldn't have been allowed to do something to crash it." "No, you shouldn't have been allowed to buy a computer in the first place"
Phantom Wolf
Poster
Poster
 
Posts: 271
Joined: Wed Mar 03, 2010 8:45 pm
Blog: View Blog (0)


Re: Why won't people let you help them?

Post by pretentious on Mon Mar 21, 2011 10:48 pm
([msg=55349]see Re: Why won't people let you help them?[/msg])

Phantom Wolf wrote:
pretentious wrote:My post was mealy suggesting that the action by itself might not be illegal, only the consequence.
You get arrested for killing the person, not firing the gun. Or something like that. Anyway, it's not worth debating, i'm probably wrong.

What about attempted murder? You could get arrested for firing the gun and missing. I think it's a matter of intentions. I might ask my lawyer next time I see him, he's a member of the family so I see him every once in a while

You are absolutely right, though have you ever herd of someone been charge for an attempted hack.
National News wrote:3 teenagers have been arrested after failing to use correct syntax while attacking example.org with SQL injections
I'm sure intentions play a massive role in legal matters surrounding this kind of thing. It all seems like a really grey area to me.
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
pretentious wrote:Welcome to bat country
User avatar
pretentious
Contributor
Contributor
 
Posts: 705
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: Why won't people let you help them?

Post by Phantom Wolf on Mon Mar 21, 2011 11:04 pm
([msg=55350]see Re: Why won't people let you help them?[/msg])

pretentious wrote:It all seems like a really grey area to me.

As I already mentioned, I'm not the lawyer in the family, but from what I've seen computer laws in general are 'gray areas'. Probably because the people making the laws know absolutely nothing about computers. This happens in a lot of other areas too.
"Well it isn't my fault. I shouldn't have been allowed to do something to crash it." "No, you shouldn't have been allowed to buy a computer in the first place"
Phantom Wolf
Poster
Poster
 
Posts: 271
Joined: Wed Mar 03, 2010 8:45 pm
Blog: View Blog (0)


Re: Why won't people let you help them?

Post by bandchicky314 on Fri Apr 01, 2011 7:45 pm
([msg=55822]see Re: Why won't people let you help them?[/msg])

I don't think that people can be arrested for an attempted hack because they can't trace everyone who attempts to hack their pages. Hmm that sounded funny.. what I meant to say is that they can't determine who was poking around their stuff if a breach in security wasn't made. But I do not know so please correct me if I'm wrong.
bandchicky314
New User
New User
 
Posts: 20
Joined: Sat Jan 08, 2011 11:14 am
Blog: View Blog (0)


Re: Why won't people let you help them?

Post by Phantom Wolf on Fri Apr 01, 2011 10:16 pm
([msg=55829]see Re: Why won't people let you help them?[/msg])

bandchicky314 wrote:I don't think that people can be arrested for an attempted hack because they can't trace everyone who attempts to hack their pages. Hmm that sounded funny.. what I meant to say is that they can't determine who was poking around their stuff if a breach in security wasn't made. But I do not know so please correct me if I'm wrong.

In many cases it would be plainly obvious. For example, I run an http server, it doesn't have anything complex, just one page containing the output of a program I'm working on and another displaying two tables of an SQLite database that the program manipulates.

However, if I look at my server's logs, I see a handful of requests for files under a directory titled "phpmyadmin", along with a few odd requests which are apparently a signature of a once-dignified security tool. Now, I think it's safe to assume that someone's trying to hack into my server, probably to make it part of a botnet.

But, not every attempt would be as obvious as this example, and even though I do know the attacker's IP, tracing it to a single person would probably be impossible. I'm not an expert, but I would think that in most cases, how much damage you did would have nothing to do with how easily you could be traced.
"Well it isn't my fault. I shouldn't have been allowed to do something to crash it." "No, you shouldn't have been allowed to buy a computer in the first place"
Phantom Wolf
Poster
Poster
 
Posts: 271
Joined: Wed Mar 03, 2010 8:45 pm
Blog: View Blog (0)


Re: Why won't people let you help them?

Post by acevic on Sun May 22, 2011 11:32 pm
([msg=57674]see Re: Why won't people let you help them?[/msg])

Incompetency in site admins is something very common from where I originate. I started my journey in IT security recently and I have been able to point out major vulnerabilities in enterprise and government websites. A simple SQL injection or even some of the most basic DOS attacks are capable of bringing down over 80% (guesstimated figure) of the web sites belonging to this area and I figured that out as an amateur. Trying to do some good, I initially approached a few admins, who, to my surprise either had no idea what I was talking about (apparent) or simply let it pass. At one stage, I tried reporting flaws to the management, but instead of doing any good, my actions ended up burning a few site admins, who were replaced by equally incompetent ones. They should at least pass an international qualification security standard for government web sites and people should be more open to accepting their mistakes and rectifying them instead of leaving them as is.

So a question for everyone who reads this. In my position, is it justified to report insecure sites to the company management? (bound to result in burning admins instead of fixing the problem)
My crime is that of outsmarting you, something that you will never forgive me
for.
User avatar
acevic
Poster
Poster
 
Posts: 328
Joined: Mon May 16, 2011 10:12 pm
Location: Siberia
Blog: View Blog (0)


Re: Why won't people let you help them?

Post by Delaney12 on Sun May 18, 2014 4:42 pm
([msg=80814]see Re: Why won't people let you help them?[/msg])

Some people don't like to ask for help...I am one of those people.
Delaney12
New User
New User
 
Posts: 21
Joined: Thu May 15, 2014 4:09 pm
Blog: View Blog (0)


Previous

Return to Ethics

Who is online

Users browsing this forum: No registered users and 0 guests