Tuesday, August 23, 2011

CRACKER X HACKER - original at http://www.tiespecialistas.com.br/2011/08/cracker-x-hacker/


In my last article I explained what I mean by hackers and crackers, and how they differ as good and bad. Some people asked me about the two words, so here is a little history and commentary.
"CRACKER ... it is not a wafer and has no taste; only when an invasion occurs do we learn what it tastes like.
The bitter taste of everything that was built being destroyed."
The Wikipedia definition is as follows:
Cracker is a term used to describe someone who practices the breaking (or cracking) of a security system, illegally or unethically. This term was coined in 1985 by hackers against journalistic use of the term hacker. Use of this reflects the strong revolt against theft and vandalism committed by cracking.
In other words: the one who breaches the security of a system.
The Wiki also discusses the controversy over the term, and a bit of opinion follows. Using both neologisms reflects a strong revulsion against theft and vandalism on the net. The neologism "cracker" in this sense may have been influenced by the slang term "cracker," which in Shakespearean English meant an unpleasant person and in modern colloquial American English survives as a synonym for what is called "white trash."
While it is expected that any real hacker has carried out some raids, with undeniable technical skill, the term "cracker" is falling into oblivion, which raises "HACKER" to the position of the dark side of the Force.
Thus, there is far less overlap between hacker and cracker than the regular reader misled by sensationalistic journalism might expect. Crackers tend to gather in small groups, very close-knit and secretive, yet well known in the media because of the publicity around them. Crackers, though, often like to describe themselves as hackers. An easy way to tell hackers from crackers is that crackers use names that hide their identities. Hackers never do this: they rarely use noms de guerre in what they do, and when they do, it is to show rather than conceal.
Changing the subject a bit, has anyone thought to ask whether the attacks are one more reason to hasten the DIGITAL CRIMES LAW IN BRAZIL?
In fact the very attackers know it or ever think about that.
"Hacker" is the malicious security cracker.
It is good just for a story as interesting as this. We could go on writing about it forever; it is extremely rich in culture and history, something we can call "NO MATTER THE END BUT THE ACTS"
Whether for GOOD ... they are in the history of information security,
Whether for BAD ... they are in the history of information security,
They are nothing more than history, and they drive IT upgrades as a whole.

Below are the names of some famous hackers / crackers, just as a reminder.

Tuesday, August 9, 2011

Hacker attacks in Brazil




About two to three years ago I was with Mr Julio Semeghini and Dr Renato Opice Blum in a debate on computer crime law by Decision Report.

Cristine Hoepers of CERT.BR was also in this debate, among the other guests; here is a link to watch a portion of the broadcast: http://www.youtube.com/watch?v=wjXF50ZWKcM&feature=player_embedded

Even then, in 2009, the bill (PL 84/99) had long been waiting for approvals, and it seems to have no fixed date and no end.

With so many detours before PLS 84, once approved as amended and "struck through", is put into practice, attacks and more attacks will happen, and these digital crimes, even when the attackers are identified, cannot be punished because there is still no law that defines this type of crime.

I'm no lawyer, but I believe there is still no legal classification for computer crime in Brazil. It seems that only Decree-Law 2.848/40 defines something, but not all of the offense. The fact is that Brazilian politicians, with their short memory, do not remember the attack in January 2011 complaining about the Dilma government, for which the group Fatal Error Crew took responsibility, also claiming the attack in June, in which the same group was allied with Lulzsec Brazil.

Other interesting dates were 2005 and 2007, when strange blackouts left more than 4 million people in the dark. On those dates, too, hackers were a possible cause ...

And so we are left behind even in laws, as countries such as Chile and Argentina already have a digital law.

With groups and foundations forming, such as the hacking groups Lulzsec Brazil, Anonymous, etc., the number of attacks committed will be greater and greater.

There will always be attackers and defenders. When new holes are conquered, sites and more sites suffer attempted intrusions and/or invasions.

Government bodies are visible when attacked, but what happens to the sites of small and medium enterprises?

These are under constant attack, but there is not much media coverage of it; only when a large bank or a large company is the target, then yes ...

For hackers, practicing invasion is easy when they have such sites to test, approve and put into production in just over one hour.

The same tools used for the safety and good of an organization are also used by hackers and, most of the time, with greater dexterity.

It is worth mentioning here several memorable hacker names such as Kevin Mitnick, but I believe the one on record as his hunter was the best hacker of his time, and his name is Tsutomu Shimomura, whose side was the good one. There is a word that hacker turned to bad programming. Hacker has always been and always will be associated with raids, but in other times this word meant someone knowledgeable in the improvement of our environment, and in this new era it is fading to the dark side of the Force. The word Cracker better defines an invasion, but this is a topic for another story here at IT Specialists (www.tiespecialistas.com.br).

Wednesday, August 3, 2011

A TRUE STORY



Alarming results were announced after a recent survey by the Ponemon Institute Research and Juniper Networks. The result relates to what we have seen in the media recently: hackers are almost always successful in their efforts to invade a site, and stopping them is no easy task. The news shows that 90% of companies suffered some type of attack in the last 12 months. Over 77% of those that had actually suffered attacks had internal problems due to the success of the hackers in the raid. Respondents reported very low trust in their ability to prevent attacks. Many believe that they simply are not prepared. 53% believe they will also face some sort of attack in the next 12 months. Attacks on websites often use classic vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS).
What are the biggest barriers to implementing an effective security strategy?
Almost half (48%) of companies surveyed said they found the security procedures too complex to implement. Another 48% mentioned the lack of resources. Companies are looking at the costs of complex security procedures and practices and judging them expensive to implement, so they look into cheaper possibilities. Vulnerability scanners are becoming an ever more effective way of detecting faults and taking corrective measures at a reduced cost. As for the consequences of these attacks, companies are seeing that data theft and business interruption losses are more severe. With so much money being lost in breaches, companies need to invest more in preventative security measures, even at reduced cost. "What you see is that in today's environment, having systems "hacked" is almost a statistical certainty."
A fact
He warned that there would be an invasion of the sites of the corporation, but no one took action.
Several times the information security (SI) analyst said there were vulnerabilities in the IT development of the corporate web sites. He analyzed, identified, reported and noted what should be considered for remediation, but this was not granted.
Months passed; patch updates were installed and new devices were deployed to improve perimeter security. However, the application did not have a single line of code updated for protection, only lines to improve customer service and streamline the business.
How many of you have heard this story?
When this occurs, IT loses out along with the corporation, and it takes the blame for failing to observe security guidelines and parameters in its internal development.
A security notification is proactive, unlike an invasion and the subsequent defacement of the developed site. Whether development is outsourced or internal, it is also the role of SI to analyze possible vulnerabilities and liabilities.
An important example of success occurred on one occasion, when an analysis was done on a Brazilian website in the U.S. The analysis showed that the site had more vulnerabilities than Swiss cheese has holes. A notice sent to the owners of the site in that country warned of the problem which, to great surprise, was resolved in just over two weeks. An impressive level of concern, and better for the corporation, as the situation was resolved in a timely manner.
The same situation, occurring in the enterprise with a site available only in Brazil, did not get the same attention and resolution of vulnerabilities. Guess what happened with this site?
There, it was graffiti Brazilian-style, in the traditional manner of common invaders.

Monday, August 1, 2011

IT Security

Ensuring that your data is protected is more than necessary these days. Validating information, monitoring, and bringing it up to acceptable security levels is our role in helping you.
