What is piracy and how to protect yourself


Hacking éthique



What is piracy and how to protect yourself



The purpose of this blog is not to give you a complete history of the hacking “phenomenon”, but rather to provide you with some details in order to better understand the environment in which you are about to walk the paths.

Definition of hacker :


The term “hacker” took on its full meaning with the arrival of electronics around 1950. He is a curious-minded person who asks himself a lot of questions about the functioning of a system or a material. Consequently, the latter will hack, divert technical innovations by using his high computer skills (programming, network, cryptography, etc.) to obtain the desired result.


From there, I can give you a simple and clear definition of a hack: it is a question of diverting the initial functioning of a thing (system, hardware, ...) to make it produce behavior not foreseen at the base. For example, if you manage to hijack your car (supposed to move on its 4 wheels, on the ground) so that it can fly, it will then be said that you have hacked your car.

In general, we can find hackers in all areas (even in agriculture), but in our case, we are more specifically interested in IT and everything that follows.

Actors in hacking :


In the field, each hacker carries a “label” which determines his type of activity, his approach his opinions, and his long-term objectives.


First, we have the “White Hats” who track down the slightest vulnerability and do nothing illegal. On the contrary, they warn the editors of systems at risk to help them, even offer them fixes.


Conversely, we have the “Black Hats” who directly seek profit, the sale of personal data (sales on the black market) ... they do it illegally and in an extreme case, they are called “Hacktivists ”(Like Anonymous).


Among these opposites is the “Gray Hats”, although the latter also employ illegal methods to achieve their ends but consider themselves neutral in the eyes of the Law. There are many other ways to qualify people who are hacking, but with these few words, you should already be clearer.

Methods used around hacking :


Voluntarily, I will only speak to you about the most common hack methods. Among them, there are activities that the Law does not prohibit ... and others that fall within the scope of an offense.

  • Finding flaws and exploits ==> Finding flaws and vulnerabilities in programs in order to modify the behavior expected by them. It is like looking for an error and inventing a technique to use it.
  • Intrusion ==> Access a computer system, use it, execute unauthorized code on a server belonging to a company, etc.
  • Defacing ==> Modification of the files of a website, with the sole aim of showing the public the success of the hack, or proposing a completely different page, disseminating a message.
  • Use of data ==> Collection, processing, and sale of information to others. The author can use malicious programs to spy on the victim and collect private data.
  • Denial of Service (DOS) ==> Block the operation of a system by paralyzing it. For example, by clogging up the multiple request server, it will eventually crash and cause problems.
  • Online spaces ==> They are called repositories (or “repositories”), these are websites intended to contain documentation, tools, and/or exploits of all kinds.
  • Phreaking and spying ==> Divert the use of telephone systems, in order to intercept conversations, listen to them, or to be able to make calls for free and not pay for paid services.
  • Viruses worms, and trojans ==> Programs that unknowingly infect a system, can spy and collect information, corrupt data, have an unauthorized operation.
  • Social Engineering ==> Manipulate a person to gain their trust, or take advantage of their naivety to extract confidential information from them, use them as an accomplice to commit an illegal act.

Answers to the most common questions : 


Now find some answers to “silly” or recurring questions that many ask themselves when they are interested in IT security.

Obviously, we could make them complete books, but I tried to select what seemed to be the most telling and to give my own point of view on these few questions.

Is a hacker a pirate?


Basically, a hacker represented anyone capable of computer prowess to find flaws in systems, know how to analyze architectures, and use all available technologies and languages ​​to exploit them, bypass security, adopt a program.

Unfortunately, the media and/or governments very quickly associated the term “hacker” only with dishonest people, those who steal user data, do industrial espionage, embezzle money ... or worse.

Everything is therefore only a question of actions and point of view. The hacker who steals bank data to get rich is a “bad” hacker (or hacker) - the hacker who detects security holes in a program like Google Chrome and warns the company privately to help it fix it. of vulnerabilities is a good hacker (see the terms “White Hats” and “Black Hats” mentioned above).

Is it legal to hack?


It will be difficult for me to keep this issue short, but to keep it simple, it is perfectly legal to train in programming techniques, to do research, and to use your material, as long as it does not come face to face to the laws cited above.


In addition, you are not prohibited from hacking your own equipment (and not that of your parents) out of curiosity or to test the security of your equipment.


The ideal is, therefore, to set up a small development environment (via a virtual machine) and to apply what you will learn on your own systems and infrastructures, as long as they belong to you.


For the rest, you must have written and explicit authorization from a third party to operate their system/infrastructure. Conversely, you expose yourself to penalties!

Difficult or easy?


Without wanting to play the philosophers, learning everything begins with a first step ... and there is no easier way than another ... just different ways to get to your destination.


In other words, Devin hacker is a long-term job, regular but captivating, like the martial arts practitioner who devotes his life to his art, lives it daily, and never stops improving.


So the difficulty, there will be, cases that seem insurmountable ... probably also, but nothing humanly impossible. Time, patience, and the proper application of your skills will get the better of everything. And with a sufficient dose of self-confidence, you will become a very good hacker.

Do you need to know English to progress?


It is a fact and has always been. Most of the systems, programming languages, software, and hardware have been invented and/or made largely by Americans.


Logically, each original documentation, each architecture, each technology is distributed in English. Now, you don't have to be bilingual to get by ... and it's always easier for someone to remember foreign terms as soon as they relate to a passion.


Finally, English is omnipresent in the world, every time you look at your messages, check your emails, go to work, take the car, cook ... Like everyone, you will do very well!

--------------------------------------------------------------------------------------------------------------------------

We will try to address a maximum of essential points. Starting from the basics and from what was done historically so as not to neglect the modern threats that make the daily lives of individuals and businesses today. Do not forget that hacking lives, evolves according to innovation and many new methods, always more sophisticated than each other.

Programming 


Programming is a mandatory step when hacking. It involves studying and learning to use various computer languages ​​(C, C ++, Python, PHP, Shell, etc.) in order to understand the functioning of machines, electronic devices, systems, and networks.


In addition, acquiring programming knowledge will allow you to develop tools to save time, automate tasks, perform a security audit exploit a flaw, or simply to improve open-source software.


Remember, a hacker is someone who can make their code “elegant”. It is not simply a matter of making a program work, but that it is executed in the best possible way!


Networks and telecommunications


Networks and telecommunications constantly transmit information. Whether through the Internet, the Web, telephone networks - these different means of communication themselves present their own security vulnerabilities.


What to do if communication is intercepted? How to avoid espionage? Can we still exchange information without it being publicly disclosed?


We will answer these few questions when we study the “network” aspect of computer security. It will also be an opportunity to look at some international standards and use associated tools to consolidate your skills.

Operating systems 


The systems, you know them very well, they are the ones you use every day on your computers (Windows, GNU / Linux, BSD, Mac OS), on your mobile devices (Android, iOS, BlackBerry, ...) or found on millions of devices all over the world, in all fields (medical, aeronautical, automotive, etc.)

Understanding your system means being aware of its weaknesses, quickly identifying your vulnerabilities, and knowing how to protect yourself from threats.

Hacking, therefore, has its place here, with the aim of securing these systems or, conversely, using ingenious methods to search for vulnerabilities and take advantage of them, always within the law.

Cryptology


Cryptology is a "science" that uses more complex mathematical concepts and algorithmic methods to encompass certain aspects such as cryptography cryptanalysis, or to a lesser extent steganography.


If these terms scare you, that's okay. We will have a lot of opportunities to study ways to encrypt information, decode or decrypt it, analyze a protected program, or even reveal the secrets hidden in a seemingly normal file.


--------------------------------------------------------------------------------------------------------------------------



The last word As you will have understood after careful reading, hacking is a very serious field requiring a certain maturity. Even if it is readily associated with computer security, it should be remembered that not everything is allowed and that your practice must be confined to compliance with the laws of your country.


Under no circumstances can I be held responsible for your fraudulent acts and acts that go against the law.

Commentaires