#users #computers #hackers #viruses #learning #failures #winning
Not everyone who wants to learn how to become a hacker has this added learning benefit as some others, but being an IT professional means I have the rare opportunity of watching people fail at what we deem just sheer stupid. We wouldn't click a button we didn't trust, we read the rules and programs that we install. We are skeptics of what we click before we click it, and its engraved in our way of thinking and acting. When it comes to going outside our means of mentality, observing what our users do is beyond beneficial as to both how to offend, and defend, ourselves.
I've been an IT professional for about three years now, planning new desktop deployments, working exchange, working on cryptowall virus outbreaks, you know the general run of the mill fun stuff. As a small company we have, for the most part, a one man IT shop, so every little thing that goes awry comes on my desk, and if nothing goes awry I have nothing on my desk. Its a blessing and a curse. One day an employee approached and asked if I could fix a laptop for them and offered to pay me. I have quite a diverse array of sources that can lead to inspiration, and lead to faith destruction as well. I have professional grade workstations with professional work being done, and I have consumer grade computers with consumer grade work done. Not really much else you can gain in the wheel house of things to learn from I assume.
Before I really get into a lot of this, I'd like to really clear up something. These people can in fact drive me crazy yes, any IT professional will tell you the same thing, users can just drive us crazy when they expect computers to do something that just makes no logical sense. But to be clear, that is in our mentality, and our side of the fence. We know what is smart, we know what is ill advised, and we know what is completely moronic, but we also know and that's really the turning point. So yes I can get angry, yes I can get ragey (I may post a rage eventually I don't know yet), but they are sources of scientific study as well. Just keep that in mind.
Ok so I'll start with one of the more fresh incidents in my mind, one of the employee's here asked me to take a look at his tablet and his laptop, I quoted my price, flat rate no big deal, and he agree's. I mean lets be honest most of what I'm going to do is run free programs to wipe some crap out and watch Netflix while eating pizza, so I'm not going to really mind. Plug in his tablet, get his password, and start going to town. Pulled out my toolkit of programs and went away, and the sheer piles of garbage that my tools started popping up with was insane. Backup.exe inside the appdata/temp file directory was running and blocked, shoppingsaver.exe inside the appdata/temp started running and was blocked. Just piles and piles and piles of total utterly pointless applications attempting to run in random instances slowing everything to a crawl. What the hell is this? Better yet why?
For a partner of the company here, he brought in a laptop complaining of his computer going slow, internet not working, sometimes taking him places he doesn't want to go. His kids have lost their Facebook accounts a couple times (yeah not just once), and he was concerned. Brought it in, paid my tab, and I did what I had to do. Turned on the PC with extended load time, about fifteen minutes to load, drove me insane. Once it finally loaded I started popping in my tools to scrub what needed to be scrubbed. Nefarious applications and services killed and blocked, but once again my tools started popping up total and utter crap that I couldn't comprehend. FreeMusic.exe from the temp folder, facebook.exe from the temp folder, just completely useless garbage flooding in with installers all over the place, with install dates MONTHS ago. What the hell is this? Better yet why?A third person asks me to do the same as the other two, I say yes and take their PC home with me as well. Their complaint same thing internet was going slow, they couldn't get their email to load properly, it has viruses on it but the anti-virus they have doesn't work. Plug that sucker in, get a glass of wine, a slice of pizza, and wait thirty minutes for it to load, watch spongebob while its loading because... you know I'm an adult and all. Start putting in my tools and these programs getting terminated by the tools were all very similar, shopping something or other, some form of anti-virus malware tie on crap, some backup application, a weird webpage tool bar installer crap, all executing one after another. What the hell is this? Better yet why?
These are all consumer computers, I'm shocked and baffled as to what I come across why are they getting all these? Surely a corporate environment should be different right? If the permissions aren't set properly, the answer to your question is no, tool bars out the wazoo, weather bug and other applications that are non-conducive to a productive work environment. Why do all these people insist on having this crap? Why does everyone believe its one-hundred percent necessary to download such useless garbage?
There is a common link, a singular educational point that every bit of this information converges upon. Lack of understanding, buzz words, and a common interest seem to be plucking points to consume the masses; feeding off of what someone wants and thinks they can get for nothing or at least at a great discount. No-one really cares to think or research before hand, they just accept this shopping application will help them... somehow. This backup program is free so it'll help. And god damn if you don't see the word cloud at least once in any disinfection attempt you're lucky. Buzz words such as backup, cloud, amazon, shopping, music, weather, toolbar, email, anti-virus pop up non-stop on these computers. Something for nothing, the hacker can pirate why can't they, why can't they get deals? Why can't they get what those who are tech savvy can get?The answer is simple and what I have been taught from those whom come to me for assistance with things. Those who are tech savvy are admired, people want to be us, even those who can't and will never be, still invest in technology they can't handle (how many grandmothers have ipads). They become sheep and follow the crowds and what they are told on TV, radio, or Facebook walls. And although I'm of the mindset to think before I act, knowing how a computer works, and not just clicking all willy nilly, not everyone comes from that mentality. Many people who own computers now own them because they think they need them, or are told they need them. Many people are told they need anti-virus and will download anything they can find from a yahoo! search or MSN browse, usually looking for free. Why? Because they are told they need it, and told it can be free.
How is this learning though? Social engineering my dear readers, social engineering, to attack the masses you need to think like the masses. Want to hi jack Facebook? Want to steal someones log in credentials? Want to extort a computer user because they downloaded a fictitious software? Adhering to the buzzwords makes this all possible, drinking the koolaid to produce something that is destructive is the point that hacking becomes efficient, where we can truly be devastating. Anyone who wants to be an effective purveyor of hacking nirvana, no matter what hat it is you where, has to learn how to incorporate their victims into their plans and incorporate what they want or need to become targeted. Taking advantage of a weakness is always the first step to any good hacker.Learn your target before you start targeting. Know what you're trying to do before you do it. Advertising you want to hack a Facebook account, asking how to do it isn't where you start, learning how to get the account from the individual is where you start. A person who doesn't know any better will download any program, will click any link, will do anything they are told to do if they think it's in their best interests. If you want to exploit that little bit of knowledge, the outcomes are very wide, the potential as to what can be done are almost endless. Its human nature to want to trust someone or something, which makes it the easiest thing to take advantage of on the hacker side of things.
Long post for such a short ending, I know not very eventful, but with the slue of interest around the internet for hacking, or how to hack this, how to hack that, I feel that the principles and foundations should've been thrown into the rough. All too often you see someone who thinks hacking is just typing in some code and commands to get into something somehow, that's not entirely true. Exploiting trust, sounds simple enough, sounds a little stupid too, but its one of the most effective tools we will ever have in our tool belt, and one of the fundamentals we need to learn to be effective. And as always, be safe my goblins.
0 comments:
Post a Comment