Ugh, I was under the impression that 'these days' hacking was harder because people/companies are more informed then they used to be compared to back when the internet was newer ... apparently I was wrong. Lately it seems worse then ever, are companies just cutting corners to save costs? Or are (cr/h)ackers just 'smarter' then the average 'professional IT' crowd?
> Or are (cr/h)ackers just 'smarter' then the average 'professional IT' crowd?
The difference between your average professional cracker and your average sysadmin is that when a cracker doesn't know his stuff, he can't get anywhere... while a sysadmin would be able to slack off all day as long as he keep appearances up. (No offense meant to good sysadmins - they are the most awesome people in the sector)
And a lot of people do that. I've seen it first hand so many times I lost count. Heck, it sometimes happens even to Google. I'm willing to bet a lot of Sony's/Microsoft's teams are filled with incompetents who barely know more than how to reboot the server they handle, let alone know about security and such.
I think the more competent you are, the less you are able to notice incompetence around you (without specifically looking for it). There's an interesting parallel to be drawn with the excellent article on the Fermi paradox currently on the front page: Nobody stops for the anthill.
One of the companies I worked for (no names here) has an absolutely worthless sysadmin. The guy manages fifty linux machines and he doesn't know how to set up SSH. He's been on the team for several years and he's getting carried by the fact that the people who can fire him don't know how to set up SSH any better than he does -- and other people end up cleaning up his messes.
Does that story sound familiar to you? If you have worked in enterprise and haven't encountered it, you've either been very lucky or very blind.
Aside from occassional incompetence, it's good to recognise that with sysadmins vs. crackers the odds are stacked in the favour of crackers. Sysadmins need to guard against all attacks to do their job, whereas crackers only need to find one attack that has been overlooked. Also, despite the image of crackers as super tech geniuses, as a group they still know that the path of least resistance is often the best, which relies heavily on social engineering, which is far easier to do.
they aren't aren't hacking anything. It is a DDoS it doesn't take any "skill". Any person with money can hire them, and it isn't hard to build a bot net if you don't care about breaking the law.
I have no idea why he keeps commenting while hellbanned. Only some of us can see him and no one can respond to him directly. Just make a new name, man.
Perhaps legacy software is becoming the problem. In any system there's bound to be a dependency or any kind of use of a legacy piece of software with known bugs/exploits. Hackers identify these weakest links/weak spots and use these 0-days as entry points to breach the system further. As more systems are developed, it takes so much more time to track these weak spots, let alone maintain them.
So I think you're right. It's a miracle that the Internet even works. At all.
