Alarm Raised On Teenage Hackers 213
Arno Igne writes to tell us that the number of underage participants in "high-tech" crimes has risen steeply in recent history. Reporting children as young as 11 swapping credit card details and asking for hacks, many are largely unskilled and thus more likely to get caught and arrested. "Communities and forums spring up where people start to swap malicious programs, knowledge and sometimes stolen data. Some also look for exploits and virus code that can be run against the social networking sites popular with many young people. Some then try to peddle or use the details or accounts they net in this way. Mr Boyd said he spent a lot of time tracking down the creators of many of the nuisance programs written to exploit users of social networking sites and the culprit was often a teenager."
Gosh, underage hackers with no skill? (Score:5, Insightful)
I wish we had a term to describe that... something that notes the fact they are younger, and simple in their skills... Maybe "script kiddies?"
Re:Gosh, underage hackers with no skill? (Score:5, Funny)
Re: (Score:2)
i can has cheezburger haxs?
Re: (Score:2)
Re:Gosh, underage hackers with no skill? (Score:5, Insightful)
I think you'll agree that hacking and phreaking is different than some n00b using scripts to commit electronic crimes. Hacking something just for the sake of doing it, to learn how it works and to poke around in forbidden space, is different than stealing credit card numbers so you can buy the latest ecksbawks game.
Hacking is still illegal, but but it's not necessarily malicious, like stealing and using someone's credit card number.
Re:Gosh, underage hackers with no skill? (Score:5, Interesting)
Yeah , this is really worth a 'nothing to see here , move along'.
I mean , this is nothing new . It's been that way for over a century.
I don't like that they track down the 'creator's of those nuisance programs ' , though . Programming these things is a fun way of learning how it works.
They should be going after the people who USE it for malicious purpose instead.
I mean , maybe we should just lock up the creators of the Windows API , because you can really do some damage with that.
Re:Gosh, underage hackers with no skill? (Score:5, Insightful)
No reason to go after the guy who makes vehicles. Go after the guy who used it to run someone off the road.
No reason to go after the guy who makes whiskey. Go after the guy who used it to beat someone with.
Your argument goes both ways sir.
Re: (Score:3, Funny)
No reason to go after the guy who makes whiskey. Go after the guy who used it to beat someone with.
What? Beat him with the whiskey?
I just accidentally my friend with the whiskey.
Re: (Score:2)
im willing to bet we can get linus much easier and for more.... /sarcasm
Re:Gosh, underage hackers with no skill? (Score:4, Informative)
Makes sense to me. Most things are legal until you use them to do something stupid.
Re: (Score:2)
>People are legally allowed to convert/purchase/own fully automatic weapons.
Depends on the state.
http://www.mp5.net/info/sbsconr.htm [mp5.net]
Re: (Score:3, Interesting)
Move to one of the states in the link I provided and you can.
Step 1. Fill out ATF form 4 (which includes fingerprint card and $200 tax.)
Step 2. Wait 1 week to 6 months for approval and buy NFA item when the ATF grudgingly accepts that you aren't a felon, insane, or for some other reason not allowed to own Title 2 hardware.
Step 3. Don't profit (Full auto: nothing makes a paycheck disappear faster.)
Re: (Score:2)
I wish we had a term to describe that... something that notes the fact they are younger, and simple in their skills... Maybe "script kiddies?"
That doesn't make headlines like YAMISH [slashdot.org] does.
Re: (Score:2)
Re: (Score:2)
I think teenagers finding a login/password for a pay porn site on a BBS would count as "hacking" to these people.
Anyway, I remember one of the oldest tricks in the book from when I was a teenager that actually involved money. Somebody would get a list of credit card numbers, and that person would order some thing here and there online with one of those numbers. They'd get it shipped to an accomplice friend's house. Since there's some law that anything that gets delivered to a person belongs to that person r
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It relies on being unable to prove that the collector is in on the deal with the fraudster. Because a legitimate postal service delivers the package to a party not involved in crime, it cannot be recovered.
What about if they detect the fraud before delivery, then the police are the ones delivering the package, and when you sign for it, you are receiving stolen goods and they arrest you.
Isn't that how it works with drugs? They deliver it or wait for you to pick it up, then arrest you?
Re: (Score:3, Informative)
In the olden days of BBSs, we used to call them "ruggies" which was short for "rug rats". But "script kiddies" is even more accurate of a description, seeing they are basically just following along a "recipe" for cracking something.
Re: (Score:3, Insightful)
Yeah, I had a friend get caught for credit card fraud in middle school. The days of AOL were full of script kiddies. This stuff is old news.
"Underage"? (Score:5, Interesting)
Re:"Underage"? (Score:4, Insightful)
Ha! good point.
I guess once you are 18 you are no longer too young to go to a federal prison.
This is new? (Score:5, Insightful)
Script kiddies have been around since the AOL days. Hell, I myself got a juvenile laugh out of punters (remember those? God, the AIM clients were so terrible back then) and other "progs".
Mostly I imagine the vast majority of this stuff nowadays is myspace-related. Probably kids trying to break into someone else's myspace page because they're little drama whores like that.
Re: (Score:2)
Script kiddies have been around since DOS days
Re: (Score:2)
I didn't mean to imply (though I did, sorry!) that it began then, mostly it became more commonplace. The AOL days was when the internet was becoming more solidified in our culture and people were starting to get home PCs and internet connections.
Re: (Score:2, Interesting)
Was AOL invented in the 1960s? (Score:2, Funny)
Script kiddies have been around since the AOL days.
I didn't know AOL predated the moon landing.
Re: (Score:2)
Heh, some say the moon landing never happened. I say it did. I'm sure that common ground can be found, though, in wishing that AOL never happened.
Re:This is new? (Score:4, Funny)
Re: (Score:2, Funny)
But it doesn't help that great movies like Hackers make young kids think that they can get with Angelina Jolie if they are just good at hacking.
Oh? You didn't get your turn with Angelina Jolie? I'll e-mail Bob and tell him to put you at the front of line.
Re: (Score:2)
wow.
Isn't that typical. Find anyone or anything else to blame, aside from the actual culprit. I mean, these kids see movies like Hackers, they learn that it is indeed a crime, then they disregard THAT lesson, and only take away from it the fact that if they protect the world from disaster by only doing good with their hacking, they can get the Pretty Girl at the end?
I don't buy it. Nope. Because Hackers is full, from beginning to end, that Hacking is Bad/Illegal/Criminal. So the only thing that movies
Script Kiddies have been around longer than that (Score:3, Interesting)
I didn't really know a damn thing about shell scripts or programming (remember when they were different things?) in those days, but I knew how to change permissions on a file an
Re: (Score:2)
You're right. What I did meant to say was, "...even back since...". The AOL era was just when people were starting to get personal home connections and our culture was starting to accommodate the internet more. I didn't mean that script kiddies started arising in that era.
Re: (Score:2)
I have to admit, I do look upon some of my script kiddie days with a bit of nostalgia as well :)
Re: (Score:3, Insightful)
yea, what bunch of sensationalized garbage. i'd expect this from FOX news, but not from the BBC.
teenagers have always been mischievous, and all hackers start as teenagers. most hackers grow out of malicious/immature behavior by adulthood, so naturally most phishers/crackers/virus writers/script kiddies/etc. are going to be teenagers.
heck, it's our teenage rebelliousness that motivates us to try new things. even though teenagers can be mischievous, it's usually pretty harmless stuff. when i was a in elementa
Re: (Score:3, Informative)
Oh, man. Mentioning AIM punters brings back the old memories of being a script kiddie myself. I had a nice collection of those things as a kid.
I remember finding out about an exploit where IMing someone a certain 5 digits followed by a semicolon instantly crashed their client. I would go into one of the chat rooms, make grandiose false claims (such claiming to be a "super genius"), and then use it on anyone who disagreed with me. A moment or so after I would do it, everyone would see my target silently wink
Re: (Score:2)
As someone that has had much to personal experience with this, I can decisively say that it is much larger than myspace.
-Using skype to make anonymous phone calls. I was home alone and had two pizza delivery men show up. One had $50 worth. I don't eat pizza if I can get out of it.
-Using skype to make anonymous phone calls. I had the police show up, one with pistol drawn and the other with a rifle at the ready. And I mean READY. The phone call had detailed how a car robbery at my house had devolved int
Re: (Score:2)
That's not what a "script kiddie" is. Sociopathic asshole, yes; script kiddie, no.
Re: (Score:2)
I'm curious. Do you mind explaining your basis of distinction between those two terms, because they're not necessarily mutually exclusive.
IMHO, "Sociopathic asshole" goes to motive, while "script kiddie" goes to means.
But again, I'd be curious to hear your point of view.
Re: (Score:2)
Someone who places anonymous Skype calls to harass people is not a script kiddie anymore than someone who places harassing phone calls from a pay phone at a gas station is.
What is the point of your post? Karma whoring? It's obvious what I meant; I never said or even implied a sociopath can't be a script kiddie or vice versa.
A script kiddie just describes a certain type of "hacker", using the term loosely. Usually, by trying to overcome security measures or exploit computer flaws by using someone elses' s
Re: (Score:2)
Got busy (I'm at work), and couldn't finish the list that puts the sociopath in the script kiddie realm.
-There was the defacing of various myspace pages (of people he didn't even know).
-Cracking the school computers to modify my son's high school schedule.
-Various and sundry other activities that all revolve around wasting time in front of a computer while attempting to make other people's lives miserable.
The point of my post is that:
a) it isn't harmless activity. The police showing up with loaded weapons
Using kids (Score:5, Interesting)
That's how I'd operate if I were a fraudster - have the kids to the dirty work and give them a cut. There are hordes of bored shithead suburban kids who would love to be "elite haxxors" and they would most likely avoid prosecution the first time.
Re: (Score:2, Informative)
Yep. This is how a lot of the G's do drug smuggling and some other 'dirty' work of running a gang -- get the underage kids to do it. They get busted, they won't do time, and therefore it's a lot harder to get them to squeal. Ya gotta keep 'em separated!
Of course these aren't your average run-of-the-mill parent-fearing suburban kids either. They're usually the problem-case kids.
Re: (Score:2)
Drug laws are worse. A teenager can buy any drug he wants, because the people selling them don't give tow shits about the law or the morality of feeding drugs to juviniles (who studies, observation, and common sense show will grow up to be hopeless addicts if they start smoking pot or drinking at a young age) but know for a certainty that a twelve year old isn't a narcotics officer. Try buying dope at MY age.
You can buy pot in any high school in America, but you can't buy beer in a single one. If you want t
Re: (Score:2)
Usually they'd be pissing-their-pants scared to rat them out because they know it'd be highly likely that they'd get a hit put on their head.
I forget the term... (Score:5, Interesting)
I forget the term, but there are laws on the books that state that if you are a landlord, and you continually have tenants who engage in criminal activity that the authorities can confiscate the house. It is a slow process, but the point is that if you own the property that you have some responsibility in insuring that it isn't being used for purposes that are harmful to society.
Apply that to social networking sites and...
Re: (Score:3, Insightful)
Apply to ISPs also. Problem is today that most ISPs actively shield users on their system which engage in malicious activity.
The answer is always they will not cooperate without a court order. Of course, if the police ask nicely they cooperate without a court order. But after a system is broken into unless there is at least $25,000 in provable damages you aren't going to get anyone in law enforcement interested. And that is just the beginning.
So if someone is downloading child porn, the police are right
Re: (Score:3, Interesting)
Apply to ISPs also. Problem is today that most ISPs actively shield users on their system which engage in malicious activity.
This is the real answer. Nobody is going to go for MS Windows being too easy to compromise, and nobody is going to go for Myspace (websites generally are not held to real-company laws). However, ISPs that host computers doing phishing, spaming, DDoSing, botnet herding, or other malicious activity should be shut down. I don't care if the computer doing the malicious activity is a compromised Windows machine or not, if the owner is aware or not, or if the owner approved of the ativity or not. Hit the ISPs, le
Re: (Score:2)
Do you care if the ISP/host computer is outside of the jurisdiction of your government?
Re: (Score:2)
Do you care if the ISP/host computer is outside of the jurisdiction of your government?
That is obviously outside the scope of any particular government's ability to intervine. Are you implying that since any single government cannot prevent crime worldwide, that no government should try to prevent crime at all?
Re: (Score:3, Insightful)
Re:I forget the term... (Score:5, Insightful)
Re: (Score:3, Informative)
Re: (Score:2)
Up here in Canada it only applies to drugs though, afaik. If you're aware that a renter is operating a grow-house, you're bound to report them to the police. That's all.
Re: (Score:2)
I would think that they would have to take the size of your building into account. If you house 100 people and 1 or two get arrested each year, that very well could be normal for your neighborhood and have nothing to do with the owner of the building.
Now consider that a place like myspace or facebook has hundreds of thousands of users, the vaste majority of which are 100% legitimate. In my opinion, it would be unnacceptable to pull the plug on those sites because of what a few idiotic kids did in their fr
Re: (Score:2)
please tell me how to evict or inspect property where they have guns.
Also if you call the cops on your tenants, it's counted against you.
So how do you fix that law?
Re: (Score:2)
Kinda funny how this thing has bounced up and down in the modding category. I never once said I supported the idea of property confiscation, or applying it to internet activities... just a pause for reflection.
Continue the mod tug-of-war, gentleman.
Ummm... (Score:5, Insightful)
Problem solved?
Re: (Score:2)
Hackles raised over teenaged alarmists (Score:5, Funny)
Mr Boyd said he spent a lot of time tracking down the creators of many of the nuisance programs written to exploit users of social networking sites and the culprit was often a teenager."
Get off my law... HEY GIMME MY PANTS BACK!
Re: (Score:3, Insightful)
Problem solved?
More like problem created. When 16-year-old criminals discover exactly how much less severe the punishment is for them than 18-year-olds, they all have the same thought: "Crap! I've got less than 2 years to get good at this!"
Jobs for Kids (Score:4, Interesting)
Re: (Score:2, Interesting)
Re:Jobs for Kids (Score:5, Funny)
I wonder if kids had some kind of job if they would be less likely to steal or break the law.
I totally agree, but prostitution is illegal!
Re: (Score:2)
It doesn't seem to deter adults - the director of the Abraham Lincoln Museum here in Springfield, who earns $150,000 per year, was arrested last week for shoplifting [slashdot.org].
Oh no, 11 years old trying to hack social sites! (Score:5, Funny)
The whole of western civilisation is DOOMED!!
Or at least until the kid stumbles across some p0rn links or pictures of drunk 18 year old girls and quickly forgets all about his l337 hacking attempts.
Re: (Score:2)
Well , you did say social sites
Re: (Score:2)
pictures of drunk 18 year old girls
You think they'd be interested in older women?
Thank God for 4chan & co.
Re:Oh no, 11 years old trying to hack social sites (Score:5, Insightful)
Back when I was a kid, it was those skills that we had to develop to GET the pr0n! When the biggest source was a local BBS with a reasonably vigilant sysop, we had to get creative. It taught me a little about social engineering... like if you registered with a totally unpronounceable foreign name, the sysop would just validate you without a phone call because he didn't want to mispronounce it.
25 (Score:4, Funny)
Never trust anybody over 25!
Re: (Score:2)
Very True, Little Brother! Also, never trust anyone under 26.
The school of hard examples. (Score:2)
"Arno Igne writes to tell us that the number of underage participants in "high-tech" crimes has risen steeply in recent history. Reporting children as young as 11 swapping credit card details and asking for hacks, many are largely unskilled and thus more likely to get caught and arrested."
Well gosh darn it. We need to send them to some kind of school so they will not get caught.
Re: (Score:2)
I think being in school really is an advantage. Every time I consider how I might go about "hacking" something (hypothetically, of course), I always feel like the first thing I'd need would be admin access to some system with Internet access that can't be traced to me. Home is obviously out, as is work. I could bring my laptop to some free wifi network, but then I risk someone looking over my shoulder or catching me on video surveillance. The free terminals at the library or Starbucks are possibilities, but
if you can't or won't (Score:5, Insightful)
find a flaw in the system, the flaw will be found by someone else
the nice thing about kids being the perps is that there is no more nefarious purpose than "i did for the lulz". do you really think if these teenagers weren't loudly and clumsily exploiting security holes that someone else with much more nefarious purposes is not expoliting the same security holes quietly and discreetly?
consider kids hacking websites to be that website's security research division. the flaws are found, the flaws are fixed, everyone makes out better. thank god for loud dumb scrit kiddies
seriously, script kiddies are a blessing. they provide incentive to harden your website, incentive that some websites don't have and apparently need
Re: (Score:3, Interesting)
Re:if you can't or won't (Score:5, Insightful)
the difference is (Score:2)
in doing it loudily and clumsily, rather than discreetly and quietly
i didn't ascribe pure motivations to teenaged script kiddies, i ascribed stupidity. of course, some of them are still downright evil in their efforts. but still stupid. better to catch what they are doing now, while they are dumb about it and easier to catch, no?
Re: (Score:2)
It doesn't when you aren't raised to be cognizant of the repercussions of your actions.
It never ceases to amaze me how entitled and amoral many kids are, being so protected from any kind of failure or problems by their parents, being told constantly that they're perfect, they can do no wrong, and nothing is ever their fault.
</rant>
been around for a long time (Score:5, Insightful)
Re:been around for a long time (Score:4, Funny)
Re: (Score:2, Funny)
Fraud was common when I was a kid (Score:4, Interesting)
I grew up in Socal. Many people I knew would beige box 900 numbers to get time on a local BBS. Several got all sorts of gear, mostly paintball crap, through credit card numbers gained through dumpster diving. These were mostly 16-17 year olds doing the deed, with some doing it younger, but it's harder when you can't drive.
The temptation was huge but I managed to not give in. Heck, the temptation still is huge. Why work hard when you can make a few thousand in a few minutes? Oh yeah, because it's wrong. Sigh.
Re: (Score:2)
I was going to say pretty much the same thing. Back in the mid to late 1980's, I remember quite a few BBS's run by pre-teens and teens, primarily operating for the purpose of defrauding telcos, hacking systems, swapping credit card info, and generally causing trouble.
Honestly, I'd say maybe only 1 in 3 actually DID anything with the information, but just having access to it was a thrill, in and of itself, for the other 2 in 3.
I heard lots of stories of people who supposedly "carded" themselves all sorts of
Re: (Score:2)
With the increase in fraud, it's actually easier to get away with things now. Police and FBI only bother going after the big defrauders. Small timers get ignored because there aren't enough resources to pursue them. Order a $1000 computer to an abandoned house and there's basically no chance of the FBI or police bothering. The credit card owner, however, might do it. Even then, the odds of prosecution are low, plea bargains are common, and short or no sentences are the norm.
Fucked up world we live in r
Re: (Score:2)
Credit card holders don't go after people, they call it in to their CC company and get it removed as online fraud for free.
If your CC doesn't have fraud protection, it sucks.
More importantly, if you were going to steal something with someone else's CC, you'd be less likely to get caught if you used a fraud-protected CC.
Parents? (Score:3, Insightful)
This probably boils down to parents that are clueless. "But he was only playing on his computer!"
So parents need to be educated that there's more you can do with a PC and an Internet connection than browse and play WoW.
Sniffing out Parents? (Score:2)
This probably boils down to parents that are clueless. "But he was only playing on his computer!"
So parents need to be educated that there's more you can do with a PC and an Internet connection than browse and play WoW.
Welcome to the new "But I'm being a parent!" [bbc.co.uk]. Be careful what you wish for.
Re: (Score:2)
Parents need to make it clear to their kids what is acceptable behavior and what isn't. 11 year olds probably don't quite see the impact and consequences of what they're doing or they think that they're anonymous behind a wire and the Net is a free-for-all.
Wargames anybody? (Score:4, Insightful)
Seriously, this has been how it is since the early 80s. 25 years ago it was the teenagers who were war-dialing and breaking into time-sharing systems. They're the ones who've got free time for it. As you get older you get into college or into a job and you've got a lot less free time for messing around like that. It only makes sense, then, that school kids would be one of the two major groups doing this (the other being those adults for whom this kind of crime is their job).
Re: (Score:2)
Not just cyber crime (Score:2)
Teenagers are doing more of everything these days, not just lame DDoS. If I had to pull an explanation out of my ass, I'd blame it on the increasingly pussy parents failing to keep their kids in line, and the historic legal loophole where minors can get away with anything, with just a slap on the wrist and/or a brief stint in juvey.
The attitude is that if you're going to do stupid shit, do it before you're eligible for PMITA federal prison.
Re: (Score:2)
Kids swapping KNOWLEDGE! (Score:5, Funny)
Wow!! This is indeed dangerous:
"people start to swap malicious programs, knowledge and sometimes stolen data."
Where did they find the KNOWLEDGE in the first place ?
We need to fight at the source, find the KNOWLEDGE dealers and arrest them!
We need to make the fight against KNOWLEDGE a national priority, nominate a KNOWLEDGE tsar or something!
Will somebody think of the children!!
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
If you don't talk to your children about KNOWLEDGE, who will?
Don't pay no mind (Score:2)
Hey Hey hey
Come out and play! [wikipedia.org]
Way overdue for another Operation Sundevil? (Score:3, Interesting)
Serves them right (Score:2)
The fact that prepubescent children are people who are most likely to be know-it-alls (not attempting to offend anyone in that age group, but it is the typical attitude) who, say, have defragged their hard drive, once, and think they're therefore computer experts. I once found on the stats panel that someone had reached my blog with the search terms 'HOW DO YOU HACK IN TO A COMPUTER'.
The fact that they've learned to Google is good, but if they can't turn Caps Lock off or pay a visit to the local library fir
Wonderful! (Score:3, Interesting)
This means that law enforcement will spend all their time going after this low-hanging fruit, and the public's fear will be assuaged because of all the "hackers" that are getting put in juvie - while the real troublemakers are left completely alone.
Re:Targetting them, due to their own idiocy. (Score:4, Informative)
That's why they're called /b/tards.