DOCSLIB.ORG

Software Cracking

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Software Cracking < Day Day Up > • Table of Contents • Index • Reviews • Reader Reviews • Errata • Academic Security Warrior By Anton Chuvakin, Cyrus Peikari Publisher: O'Reilly Pub Date: January 2004 ISBN: 0-596-00545-8 Pages: 552 What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle. < Day Day Up > < Day Day Up > • Table of Contents • Index • Reviews • Reader Reviews • Errata • Academic Security Warrior By Anton Chuvakin, Cyrus Peikari Publisher: O'Reilly Pub Date: January 2004 ISBN: 0-596-00545-8 Pages: 552 Copyright Dedication Preface Organization of This Book Part I: Software Cracking Part II: Network Stalking Part III: Platform Attacks Part IV: Advanced Defense Part V: Appendix Conventions Used in This Book Using Code Examples Comments and Questions Acknowledgments Part I: Software Cracking Chapter 1. Assembly Language Section 1.1. Registers Section 1.2. ASM Opcodes Section 1.3. References Chapter 2. Windows Reverse Engineering Section 2.1. History of RCE Section 2.2. Reversing Tools Section 2.3. Reverse Engineering Examples Section 2.4. References Chapter 3. Linux Reverse Engineering Section 3.1. Basic Tools and Techniques Section 3.2. A Good Disassembly Section 3.3. Problem Areas Section 3.4. Writing New Tools Section 3.5. References Chapter 4. Windows CE Reverse Engineering Section 4.1. Windows CE Architecture Section 4.2. CE Reverse Engineering Fundamentals Section 4.3. Practical CE Reverse Engineering Section 4.4. Reverse Engineering serial.exe Section 4.5. References Chapter 5. Overflow Attacks Section 5.1. Buffer Overflows Section 5.2. Understanding Buffers Section 5.3. Smashing the Stack Section 5.4. Heap Overflows Section 5.5. Preventing Buffer Overflows Section 5.6. A Live Challenge Section 5.7. References Part II: Network Stalking Chapter 6. TCP/IP Analysis Section 6.1. A Brief History of TCP/IP Section 6.2. Encapsulation Section 6.3. TCP Section 6.4. IP Section 6.5. UDP Section 6.6. ICMP Section 6.7. ARP Section 6.8. RARP Section 6.9. BOOTP Section 6.10. DHCP Section 6.11. TCP/IP Handshaking Section 6.12. Covert Channels Section 6.13. IPv6 Section 6.14. Ethereal Section 6.15. Packet Analysis Section 6.16. Fragmentation Section 6.17. References Chapter 7. Social Engineering Section 7.1. Background Section 7.2. Performing the Attacks Section 7.3. Advanced Social Engineering Section 7.4. References Chapter 8. Reconnaissance Section 8.1. Online Reconnaissance Section 8.2. Conclusion Section 8.3. References Chapter 9. OS Fingerprinting Section 9.1. Telnet Session Negotiation Section 9.2. TCP Stack Fingerprinting Section 9.3. Special-Purpose Tools Section 9.4. Passive Fingerprinting Section 9.5. Fuzzy Operating System Fingerprinting Section 9.6. TCP/IP Timeout Detection Section 9.7. References Chapter 10. Hiding the Tracks Section 10.1. From Whom Are You Hiding? Section 10.2. Postattack Cleanup Section 10.3. Forensic Tracks Section 10.4. Maintaining Covert Access Section 10.5. References Part III: Platform Attacks Chapter 11. Unix Defense Section 11.1. Unix Passwords Section 11.2. File Permissions Section 11.3. System Logging Section 11.4. Network Access in Unix Section 11.5. Unix Hardening Section 11.6. Unix Network Defense Section 11.7. References Chapter 12. Unix Attacks Section 12.1. Local Attacks Section 12.2. Remote Attacks Section 12.3. Unix Denial-of-Service Attacks Section 12.4. References Chapter 13. Windows Client Attacks Section 13.1. Denial-of-Service Attacks Section 13.2. Remote Attacks Section 13.3. Remote Desktop/Remote Assistance Section 13.4. References Chapter 14. Windows Server Attacks Section 14.1. Release History Section 14.2. Kerberos Authentication Attacks Section 14.3. Kerberos Authentication Review Section 14.4. Defeating Buffer Overflow Prevention Section 14.5. Active Directory Weaknesses Section 14.6. Hacking PKI Section 14.7. Smart Card Hacking Section 14.8. Encrypting File System Changes Section 14.9. Third-Party Encryption Section 14.10. References Chapter 15. SOAP XML Web Services Security Section 15.1. XML Encryption Section 15.2. XML Signatures Section 15.3. Reference Chapter 16. SQL Injection Section 16.1. Introduction to SQL Section 16.2. SQL Injection Attacks Section 16.3. SQL Injection Defenses Section 16.4. PHP-Nuke Examples Section 16.5. References Chapter 17. Wireless Security Section 17.1. Reducing Signal Drift Section 17.2. Problems with WEP Section 17.3. Cracking WEP Section 17.4. Practical WEP Cracking Section 17.5. VPNs Section 17.6. TKIP Section 17.7. SSL Section 17.8. Airborne Viruses Section 17.9. References Part IV: Advanced Defense Chapter 18. Audit Trail Analysis Section 18.1. Log Analysis Basics Section 18.2. Log Examples Section 18.3. Logging States Section 18.4. When to Look at the Logs Section 18.5. Log Overflow and Aggregation Section 18.6. Challenge of Log Analysis Section 18.7. Security Information Management Section 18.8. Global Log Aggregation Section 18.9. References Chapter 19. Intrusion Detection Systems Section 19.1. IDS Examples Section 19.2. Bayesian Analysis Section 19.3. Hacking Through IDSs Section 19.4. The Future of IDSs Section 19.5. Snort IDS Case Study Section 19.6. IDS Deployment Issues Section 19.7. References Chapter 20. Honeypots Section 20.1. Motivation Section 20.2. Building the Infrastructure Section 20.3. Capturing Attacks Section 20.4. References Chapter 21. Incident Response Section 21.1. Case Study: Worm Mayhem Section 21.2. Definitions Section 21.3. Incident Response Framework Section 21.4. Small Networks Section 21.5. Medium-Sized Networks Section 21.6. Large Networks Section 21.7. References Chapter 22. Forensics and Antiforensics Section 22.1. Hardware Review Section 22.2. Information Detritus Section 22.3. Forensics Tools Section 22.4. Bootable Forensics CD-ROMs Section 22.5. Evidence Eliminator Section 22.6. Forensics Case Study: FTP Attack Section 22.7. References Part V: Appendix Appendix A. Useful SoftICE Commands and Breakpoints Section A.1. SoftICE Commands Section A.2. Breakpoints Colophon Index < Day Day Up > < Day Day Up > Copyright © 2004 O'Reilly Media, Inc. Printed in the United States of America. Published by O'Reilly Media, Inc. 1005 Gravenstein Highway North, Sebastopol, CA 95472. O'Reilly & Associates books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc. Security Warrior, the image of Sumo wrestlers, and related trade dress are trademarks of O'Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly & Associates was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. < Day Day Up > < Day Day Up > Dedication Dr. Cyrus Peikari is humbled before Bahá'u'lláh, the Glory of God. He also thanks his students, teachers, and fellow seekers of knowledge. Dr. Peikari is also grateful to his family for their support and encouragement. -Dr. Cyrus Peikari The part of the book for which I am responsible is dedicated to Olga, who put up with me during all those evenings I spent working on the book and who actually encouraged me to write when I was getting lazy. -Dr. Anton Chuvakin < Day Day Up > < Day Day Up > Preface ...All samurai ought certainly apply themselves to the study of military science. But a bad use can be made of this study to puff oneself up and disparage one's colleagues by a lot of high- flown but incorrect arguments that only mislead the young and spoil their spirit. For this kind gives forth a wordy discourse that may appear to be correct and proper enough, but actually he is striving for effect and thinking only of his own advantage, so the result is the deterioration of his character and the loss of the real samurai spirit. This is a fault arising from a superficial study of the subject, so those who begin it should never be satisfied to go only halfway but persevere until they understand all the secrets and only then return to their former simplicity and live a quiet life.... -Daidoji Yuzan, The Code of the Samurai [1] [1] Samurai quote courtesy of http://www.samurai-archives.com. This book offers unique methods for honing your information security (infosec) technique. The typical reader is an intermediate- to advanced-level practitioner. But who among us is typical? Each of us approaches infosec with distinctive training and skill. Still, before you spend your hard-earned money on this book, we will try to describe the target reader. As an example, you might enjoy this book if you already have experience with networking and are able to program in one or more languages. Although your interest in infosec might be new, you have already read at least a few technical books on the subject, such as Practical UNIX & Internet Security from O'Reilly.
Load more

Recommended publications
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
    [Show full text]
  • BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd
    76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
    [Show full text]
  • Lecture 1: Introduction to Reverse Engineering
    Boston, 2001 Table of Contents Table of Contents Table of Contents............................................................................................. 2 1. Introduction................................................................................................. 5 1.1 About the Course and Notes ............................................................................ 5 1.2 Definitions...................................................................................................... 5 1.3 Typical Examples ............................................................................................ 6 1.3.1 Hacking ................................................................................................... 7 1.3.2 Hiding Information from Public .................................................................. 7 1.3.3 Cell Phones ............................................................................................ 10 1.3.4 Computer Applications ............................................................................ 10 1.4 Requirements............................................................................................... 12 1.5 Scope .......................................................................................................... 13 1.6 Ethics .......................................................................................................... 13 1.7 Miscellaneous Information ............................................................................. 14 2. Programming Processors
    [Show full text]
  • Cracking Software
    Cracking software click here to download Using this, you can completely bypass the registration process by making it skip the application's key code verification process without using a valid key. In this Null Byte, let's go over how cracking could work in practice by looking at an example program (a program that serves. A few password cracking tools use a dictionary that contains passwords. These tools .. Looking for SSH login password crack software. Reply. This is just for learning. Softwares used: W32Dasm HIEW32 My New Tutorial Link - (Intro to Crackin using. HashCat claims to be the fastest and most advanced password cracking software available. Released as a free and open source software. In order to crack most software, you will need to have a good grasp on assembly, which is a low-level programming language. Assembly is derived from machine. The term crack is also commonly applied to the files used in software cracking programs, which enable illegal copying and the use of commercial software by. If your losst ypur passwords, you can try to crack your operating system and application passwords with various password‐cracking tools. LiveCD available to simplify the cracking.» Dumps and loads hashes from encrypted SAM recovered from a Windows partition.» Free and open source software. Hacking and Cracking -Software key and many more. 33K likes. HACKING TRICKS #PATCH SOFTWARE #ANDROID APPS PRO #MAC OS #WINDOWS APPS. Not everyone can crack a software because doing that requires a lot of computer knowledge but here we show you a logical method on how to. Crack means the act of breaking into a computer system.
    [Show full text]
  • Warez All That Pirated Software Coming From?
    Articles http://www.informit.com/articles/printerfriendly.asp?p=29894 Warez All that Pirated Software Coming From? Date: Nov 1, 2002 By Seth Fogie. Article is provided courtesy of Prentice Hall PTR. In this world of casual piracy, many people have forgotten or just never realized where many software releases originate. Seth Fogie looks at the past, present, and future of the warez industry; and illustrates the simple fact that "free" software is here to stay. NOTE The purpose of this article is to provide an educational overview of warez. The author is not taking a stance on the legality, morality, or any other *.ality on the issues surrounding the subject of warez and pirated software. In addition, no software was pirated, cracked, or otherwise illegally obtained during the writing of this article. Software piracy is one of the hottest subjects in today's computerized culture. With the upheaval of Napster and the subsequent spread of peer-to-peer programs, the casual sharing of software has become a world-wide pastime. All it takes is a few minutes on a DSL connection, and KazaA (or KazaA-Lite for those people who don't want adware) and any 10-year-old kid can have the latest pop song hit in their possession. As if deeply offending the music industry isn't enough, the same avenues taken to obtain cheap music also holds a vast number of software games and applications—some worth over $10,000. While it may be common knowledge that these items are available online, what isn't commonly known is the complexity of the process that many of these "releases" go through before they hit the file-sharing mainstream.
    [Show full text]
  • Is Published Semi-Annually by the Journal on Telecommunications & High Technology Law, Campus Box 401, Boulder, CO 80309-040
    JOURNAL ON TELECOMMUNICATIONS & HIGH TECHNOLOGY LAW is published semi-annually by the Journal on Telecommunications & High Technology Law, Campus Box 401, Boulder, CO 80309-0401 ISSN: 1543-8899 Copyright © 2009 by the Journal on Telecommunications & High Technology Law an association of students sponsored by the University of Colorado School of Law and the Silicon Flatirons Telecommunications Program. POSTMASTER: Please send address changes to JTHTL, Campus Box 401, Boulder, CO 80309-0401 Subscriptions Domestic volume subscriptions are available for $45.00. City of Boulder subscribers please add $3.74 sales tax. Boulder County subscribers outside the City of Boulder please add $2.14 sales tax. Metro Denver subscribers outside of Boulder County please add $1.85 sales tax. Colorado subscribers outside of Metro Denver please add $1.31 sales tax. International volume subscriptions are available for $50.00. Inquiries concerning ongoing subscriptions or obtaining an individual issue should be directed to the attention of JTHTL Managing Editor at [email protected] or by writing JTHTL Managing Editor, Campus Box 401, Boulder, CO 80309-0401. Back issues in complete sets, volumes, or single issues may be obtained from: William S. Hein & Co., Inc., 1285 Main Street, Buffalo, NY 14209. Back issues may also be found in electronic format for all your research needs on HeinOnline http://heinonline.org/. Manuscripts JTHTL invites the submission of unsolicited manuscripts. Please send softcopy manuscripts to the attention of JTHTL Articles Editors at [email protected] in Word or PDF formats or through ExpressO at http://law.bepress.com/expresso. Hardcopy submissions may be sent to JTHTL Articles Editors, Campus Box 401, Boulder, CO 80309-0401.
    [Show full text]
  • 2020-Floss-Roadmap.Pdf
    -1- -2- Why do we need a 2020 FLOSS1 Roadmap? Based in Paris, Open World Forum (openworldforum.org) is a forum dedicated to FLOSS, its players and projects. OWF offers all contributors this open space in which they can express their own vision of FLOSS. 2020 FLOSS Roadmap is the Open World Forum’s main manifesto, and is designed to support discussions taking place during the different OWF seminars and forums. This is a prospective Roadmap, and a projection of the influences that will affect FLOSS between now (2008) and 2020, with descriptions of all FLOSS-related trends as anticipated by OWF contributors over this period of time. It also highlights all sectors that will, potentially, be impacted by FLOSS, from the economy to the Information Society. It is easy to find a wealth of writings on the subject of FLOSS contributed by various analysts, but this study represents a first, not just because of its inward looking vision of the future of the FLOSS Community itself, but also because it is the result of a collaborative effort by all OWF contributors. This first version of 2020 Roadmap is open to comment, and will be re-assessed annually during the OWF. Studies have been carried out in seven key areas: Theme 1: Public policies: promoting sustainable development of shared resources Theme 2: FLOSS: the key to future innovation and competitive differentiation? Theme 3: Ensuring sustainability for FLOSS developer communities and business ecosystems Theme 4: Technological and economic breakthroughs: challenge or opportunity for FLOSS? Theme 5: IT 3.0: towards new governance for information systems? Theme 6: FLOSS: a lever for employment and careers Theme 7: FLOSS in an Open World: Innovations and best practices from Brazil In the first section, we have summarized the discussions that took place during the study period, and this is followed by a special focus on Cloud Computing.
    [Show full text]
  • Open Source Software
    The Medicine Behind the Image OOppeenn SSoouurcrcee SSoofftwtwaarere -- IIss iitt aa VViiaabbllee AAlltteerrnnaattiivvee foforr aa HHeeaalltthhccaarree IInnssttiittuuttiioonn?? David Clunie, MBBS, FRACR CTO - RadPharm, Inc. AAcckknnoowwleleddggeemmeenntsts • Several recent presentations by various PACS luminaries – Steve Langer (Mayo) – Brad Erickson (Mayo) – Paul Nagy (University of Maryland) – Steve Horii (University of Pennsylvania) • Most recent (RSNA 2005) talk at OpenRad – http://www.openrad.com/rsnaopensource.pdf IIss PPrroopprriieettaarryy PPAACCSS VViiaabbllee ?? • Why are PACS much more expensive than the underlying off-the-shelf PC, server and storage hardware ? • How profitable is PACS for the vendor ? • Will the vendor fail or be acquired ? • Will the installed base survive acquisition ? • Will there be long term support ? • How long will the current offering last before sites are forced to upgrade ? • Big vendors are not immune - how many PACS have the they built or acquired then orphaned ? • Is their pace of innovation sufficient ? It only needs to be “incrementally better than the competition” IIss OOppeenn SSoouurcrcee VViaiabblele ?? • Does it exist for your application ? • How much hand-holding do you need ? • Open source deployment is about taking control • With control comes responsibility • Requires that you have the necessary expertise to deploy and support - may be out-sourced WhatWhat isis OpenOpen SourceSource SoftwareSoftware ?? • Open source software (OSS) licensees are free to: – Use software for any purpose
    [Show full text]
  • Software Import and Contacts Between European and American Cracking Scenes
    “Amis and Euros.” Software Import and Contacts Between European and American Cracking Scenes Patryk Wasiak Dr., Researcher [email protected] Institute for Cultural Studies, University of Wroclaw, Poland Abstract This article explores practices of so-called “software import” between Europe and the US by the Commodore 64 cracking scene and reflects on how it was related to the establishment and expression of cultural identities of its members. While discussing the establishment of computer games’ transatlantic routes of distribution with Bulletin Board System (BBS) boards, I will explore how this phenomenon, providing the sceners with new challenges and, subsequently, new roles such as importer, modem trader or NTSC-fixer, influenced the rise of new cultural identities within the cracking scene. Furthermore, I will analyze how the import of software and the new scene roles influenced the expression of cultural distinction between American and European sceners, referred to as “Euros” and “Amis” on the scene forum. Keywords: Europe, United States, crackers, cultural identity, modem, software piracy Introduction The aim of this article is to provide a historical inquiry into cultural practices related to the so called “software import” between Europe and the US, within the framework of the Commodore 64 cracking scene. In the mid-1980s several crackers from European countries and the US established direct and regular contacts with the computer modem Bulletin Board System (BBS) boards. In the existing studies the cracking scene is considered primarily as a social world of crackers (Vuorinen 2007), a particular form of hacker culture (Thomas 2003; Sterling 1992). This study intends to broaden the existing academic work by considering how the transatlantic circulation of cracked software and its appropriation influenced the establishment of cultural identities.
    [Show full text]
  • Meanings That Hackers Assign to Their Being a Hacker - Orly Turgeman-Goldschmidt
    Meanings that Hackers Assign to their Being a Hacker - Orly Turgeman-Goldschmidt Copyright © 2008 International Journal of Cyber Criminology (IJCC) ISSN: 0974 – 2891 July - December 2008, Vol 2 (2): 382–396 This is an Open Access article distributed under the terms of the Creative Commons Attribution-Non-Commercial-Share Alike License, which permits unrestricted non- commercial use, distribution, and reproduction in any medium, provided the original work is properly cited. This license does not permit commercial exploitation or the creation of derivative works without specific permission. Meanings that Hackers Assign to their Being a Hacker 1 Orly Turgeman-Goldschmidt Bar-Ilan University, Israel Abstract This study analyzes the ways in which hackers interpret their lives, behavior, and beliefs, as well as their perceptions of how society treats them. The study was based on unstructured, face-to-face interviews with fifty-four Israeli hackers who were asked to tell their life stories. Analysis of the data reveals differences in the hackers’ self-presentation and the extent of their hacking activity. Although these differences imply the importance of informal labeling since childhood, it seems that hackers succeed in avoiding both, the effects of labeling and secondary deviance and that they feel no shame. Furthermore, they structure their identities as positive deviants and acquire the identity of breakers of boundaries, regardless of the number and severity of the computer offenses they have committed. Keywords: hackers; crackers; hacking; labeling; positive deviant; construction of identity. Introduction Computer-related deviance has not been sufficiently studied, especially from the perspective of the perpetrators themselves (Yar, 2005). The present study analyzes the ways in which hackers interpret their lives, behavior, and beliefs, as well as their perceptions of how society treats them.
    [Show full text]
  • Crippleware - Wikipedia, the Free Encyclopedia Page 1 of 1
    Crippleware - Wikipedia, the free encyclopedia Page 1 of 1 Crippleware From Wikipedia, the free encyclopedia Crippleware is any product whose functions have been limited (or "crippled", thus the name) with the express purpose of requiring the user to pay for those functions (either paying a one-time fee or continually paying a service). Crippleware is also used to describe software that makes use of Digital Rights Management. Crippleware programs are usually free versions of computer programs that lack the most advanced (or in some cases, even crucial) features of the original program. Crippleware versions are made available in order to increase the popularity of the full program without giving it away for free. An example of crippleware is a word processor that cannot save or print. There are several types of crippleware programs. A crippleware version can be the full program with the features disabled; this type can be "unlocked" into a fully functional version of the software, usually via a serial number. A crippleware version can also be a special trial version of the program that does not even include the executable code for the disabled features. In this case, only users who buy a license are given access to another version of the program, which is fully functional. A third type is where the functionality of the software or hardware is permanently compromised from full functionality due to third party agreements. For something to become crippleware, it usually requires the manufacturer or author to take active steps to reduce the capabilities that the hardware or software could otherwise handle.
    [Show full text]
  • Consumer Response to Versioning: How Brands Production Methods Affect Perceptions of Unfairness
    Consumer Response to Versioning: How Brands’ Production Methods Affect Perceptions of Unfairness ANDREW D. GERSHOFF RAN KIVETZ ANAT KEINAN Marketers often extend product lines by offering limited-capability models that are created by removing or degrading features in existing models. This production method, called versioning, has been lauded because of its ability to increase both consumer and firm welfare. According to rational utility models, consumers weigh benefits relative to their costs in evaluating a product. So the production method should not be relevant. Anecdotal evidence suggests otherwise. Six studies show how the production method of versioning may be perceived as unfair and unethical and lead to decreased purchase intentions for the brand. Building on prior work in fairness, the studies show that this effect is driven by violations of norms and the perceived similarity between the inferior, degraded version of a product and the full-featured model offered by the brand. The idea of Apple gratuitously removing fea- been recommended by economists as a production method tures that would have been actually easier to that benefits both firms and consumers (Deneckere and leave in is downright perplexing. McAfee 1996; Hahn 2006; Varian 2000). Firms benefit by reducing design and production costs and by increasing profits The intentional software crippling stance they have taken with the iPod Touch is disturbing through price discrimination when multiple configurations of at best. (Readers’ responses to iPod Touch re- a product are offered. Consumers benefit because versioning view on www.engadget.com) results in lower prices and makes it possible for many to gain access to products that they might otherwise not be able to afford (Shapiro and Varian 1998; Varian 2000).
    [Show full text]