Tuesday, 7 November 2006

world is full of clever people

a world full of shrewdness - precisely defines internet and its growth. it has always been about money, traffic, ads, and hacking other's stuff to promote yours (exception may be like google, which was first about product then business model build around it. (btw, did you know that gmail does not support dot, kartik.rdburman@gmail.com is same as kartikrdburman@gmail.com or any other combination with more number of dots, but i can login only using kartik.rdburman as my id. (and did you notice how gtalk is now improved to support offliners? (and did you notice how orkut is now integrated with gtalk? (these days one part of my job has been a part-time google testing team member as they keep adding features, and another part being required to match parentheses))))).

well, most parts of the blog are my poor understanding to already known phenomena on the web, but i just could not skip the revelation - more about human nature than about these tricks.

while the viruses and trojans have been ubiquitous, techniques known as pharming (farming trojans by hacking onto a server) and phishing (fishing an unsuspecting user into a seemingly innocuous but specious webpage, and asking him to reveal personal information) have been being used for some time now. remember any page on geocities/members.tripod which asked for your respective domain id/password? remember mails in your mailbox seemingly sent by your friends (and also not reported as spam by the mail service) containing such traps? before you blast your friend, think about why your password still remained same (if it did) and coincidentally your friend got such spam.

based on the flaws of the hastily built software systems, the so called hackers have always exploited the web for their own welfare (fun, money, challenge). some have gone forward to such an extent that they target a particular service (similar to spear phishing). AOHell was targetted at AOL, with a goal to have "20,000+ idiots using AOHell to knock people offline, steal passwords and credit card information, and to basically annoy the hell out of everyone". see its features here and here, it included simple tricks like ghost , scroll, finger (feeding chat screen with multiple lines/ascii art, like seen on dc++ chat), some kewl tricks (like fake account creator, IM Bot), some nasty tricks (like mail-bomb), and some really specious (like credit card number simulator)...... mind you all this intelligent programming was done only to take revenge on AOL administrators who used to shut hacker chatrooms down, but not chatrooms like childporn/pedophiles.

does that sound something like a sunny deol movie, setting the world around him right in his own manner - "kanoon haath me lena"? let me remind you that this is www=wild wild web. and no one cares what goes inside out of another server as long as it does not bother your system.

i can't find any reason to blame them (hackers) if ordinary mortals find the trick too intelligent to evade. similar but relatively well-known practices have been being followed in "traditional" business, and many still keep falling prey to them. you don't blame these business savvies because they dupe people to make money. this is precisely like a nice soft voice on your phone telling you that you need to pay a small amount of money by creditcard in order to get double balance deposited in your bank account, or somewhat like politely saying "give me 5 bucks and i will (if i wish to) give you back ten thousand" forgetting that the wish is inherently biased and your expected return should be zero. to someone more stupid, i would rather say "f*@# you !"

clever has a shade of intelligent, and a shade of cunning. it's like a movie - the protagonist can be a criminal, or can be a gentleman, it only depends on what character YOU find a connection with.