Hacker Myths

written by: Abraham Humphrey; article published: year 2007, month 05;


In: Categories » Computers and technology » Data security » Hacker Myths

All the perceptions of hackers and their portrayal in movies and entertainment have lead to the development of “hacker myths.” These myths involve common misconceptions about hackers and can lead to misconceptions about how to defend against them. Here we have attempted to identify some of these myths and dispel common misconceptions.

  1. Hackers are a well-organized, malicious group.

    There is indeed a community within the hacker underground. There are hacking-related groups such as Alt-2600 and Cult of the Dead Cow, IRC “hacking” channels, and related newsgroups. However, these groups are not formed into a well-organized group that targets specific networks for hacking. They share a common interest in methods for avoiding security defenses and accessing restricted information.

  2. If you build it, they will come; and

  3. It is safe if you hide in the tall grass.

    Both of these myths represent opposing views on the probability of being hacked. Myth 2 is indicative of the view that once an Internet presence is established, malicious hackers will begin to attempt a compromise. Myth 3 expresses the opinion that there are so many Web sites around that if you just do not make a lot of noise and do not have one of the truly big sites, publicity-seeking hackers will not bother to go after you.

    The truth lies somewhere in the middle. You will probably be scanned by users with malicious intent, but it may not happen the moment your systems go online. Some scans will be by groups trying to get an idea of how many Web sites are using a particular piece of software. Others are unethical (but legal) system reconnaissance.

    A good plan is to develop a security posture that balances the risk of system compromise with the costs of implementing and maintaining security measures. This will allow you to sleep at night. While you may not stamp out the chance of compromise entirely, you will have done what you can to prevent and limit the compromise without killing your budget.

  4. Security through obscurity.

    Myth 4 implies that because you are small and unknown or you hide a vulnerability, you are not at risk. For example, according to this myth, if you create a Web site but give the URL only to your friends, you don't have to worry about it being attacked. Another example we have seen is the creation of a backdoor around a firewall by putting a second network card in a DMZ system and directly connecting it to the internal network. People using such a strategy think that because they have hidden the weakness, no one will find it and the organization is safe. However, security through obscurity does not work. Someone will find the weakness or stumble upon it and the systems will be compromised.

  5. All hackers are the same.

    This myth is borne out of a lack of knowledge among the general public about the hacker community. All hackers are not the same. As mentioned above, different hackers focus on different technologies and have different purposes and skill levels. Some hackers have malicious intent; some don't. They are not all teenagers who spend far too much time in front of a computer. Not all hackers are part of a group that defaces Web sites and creates and distributes hacking tools. The range among hackers is great, and you need to defend against them all.

legal disclaimer

1) Our website is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringements, please read the Terms of service and contact us to investigate the problem.
2) The E-articles directory team is not responsible for inaccuracies, falsehoods, or any other types of misinformation this tutorial may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. Please read the Terms of service

Useful tools and features

Translate this article to...    Send this article to you or to a friend

Link to this article from your page   
If you like this article (tutorial), please link to it from your web page using the information above. Linking to this page, this is the only way to help us improve our service, the same time providing your visitors with a way to improve their online experience.

related articles

1. What are Buffer Overflows
Exploiting a buffer overflow is an advanced hacking technique. However, it is a leading type of security vulnerability. To understand how a hacker can use a buffer overflow to infiltrate or crash a computer, you need to understand exactly what a buffer is. A computer program consists of many different variables, or value holders. As a program is executed, these different variables are assigned a specific amount of memory as required by the type of information the variable is expected to hold. For example, a short integer ...

2. Protecting the Security of Information
The first and best line of defense against unwarranted intrusions into personal privacy is for individuals to employ e-commerce technology to protect themselves. Industry-developed and supplied encryption technologies and firewalls, for example, provide individuals with substantial tools to guard against unwarranted intrusions. Encryption is technology, in either hardware or software form, which scrambles e-mail, database information, and other computer data to keep them private. Using a sophisticated mathemati...

3. Why Is Authenticated SSL Necessary
Notions of identity and authentication are fundamental concepts in every marketplace. People and institutions need to get to know one another and establish trust before conducting business. In traditional commerce, people rely on physical credentials (such as a business license or letter of credit) to prove their identities and assure the other party of their ability to consummate a trade. In the age of e-business, authenticated SSL certificates provide crucial online identity and security to help establish trust between ...

4. Virus Prevention ~ How to protect against Internet Viruses
There are several elements to a good virus defense. The most important element requires some self-control—you must NEVER open a file/program unless you are 100% sure it is not infected. No matter how attractive the file is, where it came from, or what it promises you, you can never assume that a file is what it claims to be. For example, the Melissa virus reproduced through email and sent copies of itself to every one in the victim's address book. Because of this, relatives and friends of the victim were soon infected as ...

5. How to protect against Hostile Web Pages and Scripting
The dangers of Trojans and viruses are well known. However, many computer users are completely unaware of the dangers involved in viewing Web pages. Through scripting languages, Web page operators can upload and download files to your device (PC/PDA). They can also install mini-programs or grab information from you that can be used to destroy or take over your computer. Every time you go to a Web page, you actually download the full document to your computer. This includes all text, pictures, and even any code that is r...

6. Features of Windows Encrypting File System (EFS)
• Only available on Windows 2000 and Windows XP operating systems using NTFS partitions and volumes. (NTFS v5). • Encryption is transparent to the user. • Uses public-key encryption. Using a public key from the user’s certificate encrypts keys that are used to encrypt the file. The list of encrypted fileencryption keys is kept with the encrypted file and is unique to it. When decrypting the file encryption keys, the file owner provides a private key that only he has. ...

7. What are Denial of Service Attacks (DOS attacks) and how to protect against them
Hackers can wreak havoc without ever penetrating your system. For example, a hacker can effectively shut down your computer by flooding you with obnoxious signals or malicious code. This technique is known as a denial-of-service attack. Hackers execute a denial-of-service attack by using one of two possible methods. The first method is to flood the target computer or hardware device with information so that it becomes overwhelmed. The alternative method is to send a well-crafted command or piece of erroneous data that crash...

8. What is a Sniffer and How to Protect your Data Against Sniffing
A sniffer is a program and/or device that monitors all information passing through a computer network. It sniffs the data passing through the network off the wire and determines where the data is going, where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features that enable them to filter a certain type of data, capture passwords, and more. Some sniffers (for example, the FBI's controversial mass-monitoring tool Carnivore) can even rebuild files sent across a network, such as...

9. Short history about Internet Viruses on Palm OS
From lessons in biology, we know that viruses infect every other organism, without exception, including even the tiniest bacteria. Thus, biologists and anti-virus experts were not surprised to hear of the first malware infections of mobile devices. The first PDA virus appeared on the Palm platform in 2000. The Palm OS has a different architecture from desktop computers, so it is less suscep-tible to immediate infections from existing desktop viruses. In addition, the Palm has certain safeguards built into the OS to help...