this post was submitted on 26 Dec 2023
1013 points (97.9% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54819 readers
473 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I keep hearing this.
Find me any company that will hire someone so unstable and destructive, and I'll show you a company with bad hiring practices.
This is someone you can never count on to do anything they don't want to do. Someone who will destroy things if they don't get their way. Triple letters won't touch him.
Also, let's be clear, a lot of this was social engineering. He didn't do anything impressive, he just did things others wouldn't be brazen enough to do because they didn't want to get caught.
definitely, but people can change
people always have a high and mighty mentality when talking about social engineering, most attacks today use some form of social engineering and have for a long time, if not always.
Sure, but from what I have read that hasn't happened and he doesn't want to change. He straight up said he will continue to hack if released. He has even hacked in custody.
He can change if he gets the right treatment or he has a moment of reflection. It's unreasonable to expect a normal person to be the same person 3 years later and even more unreasonable to expect a mentally unstable person to be the same n years later.
Isn't that exactly what is happening?
It's not the right treatment if it doesn't work, and if it does work, it could still take ages for it to have a good enough effect.
So yes, but also no. Psychology and psychiatry are difficult because they require trial and error.
He did get sent to a psych ward instead of prison with that exact hope. IIRC the biggest issue wasn't just the hacks, but that he was extremely violent and showed no remorse whatsoever as well.
Social engineering, arguably, is one of the harder things to learn.
It's a collection of soft skills, and if you've been paying attention to rank and file tech jobs, places are looking for people with soft skills because they're so impractical to train.
This goes down to your basic help desk tech.
Anyone with an interest in computers can sit down and learn how to analyze and exploit weakness in code. In fact, it's a fun puzzle. Dealing with other people, let alone establishing oneself as another person and fucking SELLING that character enough to get what you need?
People write off social engineering far too quickly. It's quick, it's effective, and if done well, the person you exploited doesn't even realize they've been tricked.
Social engineering is a major part of pen-testing and of hacking. It's still impressive despite any carelessness.
This wasn't carelessness. This was a deliberate.
I have a buddy that I grew up with that does penetration testing. Like I live in a city a whole continent away from home, and I run into him here or there, looking like a random smoking a cigarette outside an office tower or whatever. And thats what he's doing, he's on assignment trying to social engineer someone to give him access.
As they say, a chain is only as strong as its weakest link. Why try to hack the door lock when you can exploit people's instincts to let them hold the door for you?
Are you kidding me? Aggressive, unstable and destructive seem to be core tenants for the CEOs of many large scale blue chip firms.
If you want actual penetration defense, you absolutely hire the unstable person. I'm not saying you put him or her in the centre desk on the main floor, let him or her work from an environment where they are most comfortable, and one that supports them best.
If you want window dressing, hire the neat and tidy person, who couldn't actually penetrate an Excel sheet.
Or you hire an intelligent, capable, and professional pen tester. They'll find the same holes that the nutcase will, they'll document them, and they'll do it without breaking things.
If you don't think MI6 have their grubby hands all over this deciding what to do with the boy you should think again.
He's too risky