Wednesday, February 18, 2015

Limits Of Legality

Limits Of Legality
RAT Limits Of Legality

Anyone serious about learning hacking should make sure to go through all the relevant laws in their jurisdicitions. For those who are not so serious, it is even more important. Simply goofing around may be enough to rack up a hefty fine, probation or even a sentence. In germany, for example, simply owning a tool that can be used for hacking, is a crime. One may actually be convicted for downloading a freaking app. In the same country, a professional penetration tester or a 12 year old may be regarded as criminal hackers just because s/he downloaded Cheat Engine (Im serious) or BackTrack OS. This is not to single out Germans but to show that imperfect laws still exist in almost every countrys constitution (Germans, dont worry. I have a lot more laws to insult from all over the world. But well leave these for another day) This problem depends on your geography only a little, but it is mostly global.

Why bother with all this legal nonsense? If youre not the type to spend your life fighting pointless politics or start protesting around to change existing laws, you need to follow them. After all, what choice do we have? Jail? Sure, why not. If you arent against something, then by definition, you support it. Anyways, lets leave politics for another website.

When it comes to hacking, no matter where you live, practically doing it means walking a fine line. But, before anything else, before the law too, you need to look after yourself and make sure you are aware of every possible consequence of performing a hack or anything even remotely related. From running batch files, which can wreck your computer to hacking a schools server which can get you expelled to leaking NSA secrets which can open the eyes of the world, you need to tread carefully. When it comes to hacking, there is no universal definition of right and wrong. Its different for the government, its different for the anonymous hackers group and it will be different for you and me. While were on this, you may have heard about the "criminal" anonymous hacktivist group and their "illegal" and "unethical" activities in the news and media somewhere. Take a wild guess, whos definition of right or wrong does the media follow?.. The obvious can be surprising. Change your viewpoint and you can change your world.

Coming back to the limits of legality, what all is legal for an average joe who wants to learn hacking? Although the exact answer will depend on your address (another bug in the matrix..), there are some general things you should keep in mind while learning and carrying out different hacking techniques, no matter where you live. These are not only to keep you out of jail but also to protect you from yourself. Since our lives will just keep on getting more and more dependent on technology, hacking is no longer just about hacking. Plus, it wont hurt to double check what youre doing wont get you in trouble.

•Know what youre doing.
Whatever the hacking method youre trying to do, it can never hurt to know a little more than what you need. You just might end up saving yourself a lot of trouble. Just one misplaced command in a batch file virus could spell disaster. As a rule of thumb: If you dont know what youre doing, dont do it. In the world of hacking, its easy to get carried away, specially when you try out something new, it works and you want more. Skipping the learning phase and moving straight to the doing phase is what turns potential hackers into script kiddies. In professional penetration testing, a small mistake in typing the IP address may result in you "hacking" into a whole different company on the other end of the globe. Clearly, they may not care about the difference between "pentesting" and "hacking" and your boss will find a lawsuit waiting to greet him. Actually, typos dont really lead to lawsuits. The point is, a big firm can probably get away with a little mistake. You cant. If you hack into some server or network where you dont have permission, there is no justification for what youre doing there (if youre caught). Now THIS, looks more like lawsuit material.

•Know the consequences of what youre doing.
This is an extension of the previous point. Before performing any hack, you should always try to visualize every step. See it in your mind, what all you need to do and what exactly is the expected outcome. You should try to avoid involving someone elses property or devices when learning hacking. If you stick to what you know, you should always be able to predict what will happen. That will leave only typos and genuine errors. Hacking is not all that dangerous and unpredictable if you know what youre doing.

•Dont hack anyone without their knowledge.
It may be only a fun little trick for you, but for the other person it could be an invasion of privacy or perhaps a massive violation of all the trust they put in you, for the more dramatic ones. Not all hacking techniques can be tried on yourself for practice. Most can, but still some like those involving networking need more systems. Its great if you can find a willing and trust-worthy friend and try hacking eachother for learning. If you ever consider trying larger and more elaborate hacks, taking written permission from all the involved parties is a good idea. For example (students), asking your computer teacher permission to simulate a DDOS attack in the computer lab, or perhaps the local cyber cafe. Another example, hacking public (protected) WiFi networks is illegal. You could try knocking on your neighbours door and advising them to switch over from WEP to WPA. This is what puts the "ethical" in "ethical hacker" and the chances of them giving you the new password by simply asking also increase.

•Know when to stop.
Companies hire penetration testing firms to check the security of their networks but almost always want them to stay away from private and confidential information, even if they have access. If someone were able to "guess" the facebook password of someone, it doesnt give them the right to exploit their ability without regard for anyone else. With each passing moment, our lives are getting more and more integrated with technology making it extremely important to know when to stop.

•Know the law.
In normal hacking, you will probably never need to be worried about legal trouble but it wont hurt to double check. To be extra sure, you can google up the constitution of your country or search for relevant laws regarding hacking.

Thats pretty much all a beginner hacker needs to know about the legal side of hacking. Once again, anything you do on your own computer that affects nobody else is usually safe (for others). As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace. Hence, it is better to be despised for anxious apprehensions, than ruined by superficial security (a little bit).


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.