Group Project on Hacking

Group Project on Hacking Rohullah Sadiqi, Masood Omary, Shafiullah Rasool CIS-208 25/09/2013 R.K Sharma Stratford University (New Delhi)

Group Project on Hacking

ACKNOWLEDGEMENT

We accord our gratitude to our guide Mr. RK Sharma, who has contributed his life-size expertise in bringing out the best of us in this piece of project work, but for which this work would not have seen the light of the day.

At last but not the least whom we owe a lot of thanks are for our all classmates for their valuable cooperation in helping me to get the nice work of presentation without which the present presentation of my work would have been altogether different. We are greatly in debt to numerable friends of ours, Parents, Sisters and Brothers, whose name could not find place in this acknowledgement, extended their infallible inspirations in giving me the final touch to this work.

We on behalf of millions of students fraternity preserve the highest form of gratefulness to Stratford, USA which tirelessly striving in giving shapes to millions of career and thereby building the nation.

Group Project on Hacking

Finally we dedicate this work to forefathers of computer, which was the beginning of the modern technological age.

(Rohullah Sadiqi) (Shafiullah Rasool) (Masoom Omary)

CERTIFICATE

It is to certify that the project entitled Hacking is done by Mr. Rohullah Sadiqi, Shafiullah Rasool, Masoom Omary, Students of MAII Stratford, Lajpat Nagar, New Delhi.

This system is going to be proved very useful and productive in Computer Science and forensics. Their work is genuinely original and to finalize it, they have put in tremendous energy and effort. The usefulness of the work needs to be appreciated.

I wish them all success.

(Campus Dean) (Faculty)

Group Project on Hacking

DECLARATION

I hereby declare that the project entitled AUTOLAND ARMORED COMPANY is genuinely original and no one has ever before produced exactly this piece of work to the best of my knowledge and belief. This project has not been submitted earlier whether to this university or to any other institution for fulfillment of the requirement of a course of study.

PROJECT GUIDE

STUDENTS

(Raj Kumar Sharma) (M.Tech. Computer Science)

(Rohullah Sadiqi) (Shafiullah Rasool) (Masoom Omary)

Group Project on Hacking

Abstract

In this paper, various classes of computer hackers, with special emphasis on famedriven versus profit-driven hackers. We use simple economic analysis to examine how each of these hacking "markets" work. To evaluate the current policy of the United States, with the aim of reducing the threat of computer hacking and that this policy greatly affects the resulting framework is used. Our comments policy is consistent with the framework provided insight as a means to strengthen cyber security.

Group Project on Hacking

TABLE OF CONTENTS

Introduction To Hacking..... 7 A Brief History of Hacking ..... 9 Good Hackers...... 13 Bad Hackers: Hacking of Notoriety 15 The Economics of Fame-Driven Hacking ....... 19 Greedy Hackers: Hacking for Profit 22 Policy Implications . 23 Policy and Profit-Driven Hacking... 24 Policy and Fame-Driven Hacking ...... .25 Conclusion ....... 28 References ...... 31

Group Project on Hacking

Introduction

In the digital age cyber security is perhaps the most important form of security individuals must be concerned with. Banks, schools, hospitals, businesses, governments and virtually every other modern institution you can think of stores and organizes its information electronically. This means that all of your most sensitive informationfrom credit card numbers and checking accounts, to medical records and phone billsis accessible for viewing, stealing, or manipulating to anyone with a PC, an Internet connection, and some computer know-how. The increasingly computer-based world is increasingly vulnerable to malevolent computer hackers. While we know little about these shadowy hackers we have a very clear picture of the damage they do. In 2003, hacker-created computer viruses alone cost businesses $55 billionnearly double the damage they inflicted in 2002 (SecurityStats.com 2004). In 2000 the total cost of all hack attacks to the world economy was estimated at a staggering $1.5 trillion (PricewaterhouseCoopers 2000). In a 2004 survey of American companies and government agencies conducted by the Computer Security Institute, over half of respondents indicated a computer security breach in the past 12 months and 100 percent of respondents indicated a Web site related incident over the same period (CSI 2004). If anything, these figures probably underestimate the amount of security breaches involving hackers. Companies, especially financial institutions, are very reluctant to report hackers to steal the fear of how it might affect the perception of customers and shareholders for their safety. In the survey of U.S. companies conducted jointly by CSI

Group Project on Hacking

and the FBI, nearly 50% of companies that experienced the system in the past year said they did not report the intrusion to anyone. The main reason cited by the negative impact of perceived corporate image or actions (CSI 2004: 13-14), and similar results have been confirmed by others (see, e.g., United Nations, 1994, Shell et al 2002: 40). What can we say about the enigmatic hacker, and what we can do for the cost it imposes hackers? This paper uses a simple economic analysis to try and better understand the phenomenon of hacking. In particular we are interested in developing a framework for analyzing the policy is related to hacking. Toward this goal, the hacker community can be divided into three groups separated by motivation. The first floor consists of hackers as "good. The hackers illegally breaking into computer systems, but on a voluntary basis with those responsible for security weaknesses of these systems share. Second -class reputation based hackers. The third group of hackers is greedy These hackers are not motivated by considerations of reputation, rather than profit driven. Profit -driven hackers can be good" or " bad depending on the type of behavior led to the greatest financial return. Economic Analysis hackers distinct categories gives important clues to the policies aimed at reducing the security threat posed by hacking. In Section 2 we provide a brief history of piracy. Section 3 of the good hackers, Section 4 of fame-driven hackers and hackers for profit are considered in Section 5. The policy implications of the analysis in Section 6 and 7 is our conclusion.

Group Project on Hacking

2. A Brief History of Hacking

Hack history dates back to the 1960s in the U.S., where members of the Tech Model Railroad Club at MIT systems "hack" control model trains to run faster, more efficient or different from what they were designed. About the same time, its Artificial Intelligence Laboratory at MIT, where some of the first large mainframe computers are in the introduction. The innate curiosity of how things work, several of the club members are attracted to the MIT AI lab. The computer name is big, slow and PDP -1 are very expensive to operate. To overcome some of these problems, making smart programmers "hack" the system shortcuts that perform some functions faster and easier. MIT only source of activity is not piracy. Calculations research centers such as Bell Laboratories (Bell Labs) in it too. One of the most important in the history of piracy, AT & T Bell Laboratories in 1969, two workers, Dennis Ritchie and Ken Thompson, an open source operating system market leader, which they called UNIX. UNIX is the computing speed of the standard language. The first steps in hacking it has something to do with illegal activities or cybercrime. Conversely, improved access to consensual and hackers deface place. In the 1970s, however, things began to change. Hackers are starting to realize the potential of piracy for personal gain. Specifically, wiretapping activity is increasingly an activity called "phreaking" in the early 1970s Vietnam veteran named John Draper is a free plastic whistle that came in a cereal box or something Captain overwhelming sound crushed under the wheels, and therefore require the accurate reproduction of the teeth or below 2600 Hz for long distance calls. Blowing the whistle on the phone at the right time AT & T switching system that has been granted legal access to a remote phone and the caller has the ability to pay.

Group Project on Hacking

10

After discovering I Draper Takes on the pseudonym "Cap'n Crunch" and quickly produced under the ground for hackers and phreaks your creativity with the used in remote calls. Other hackers Draper built on innovation, by building "blue boxes" designed to help the long-distance phone fraud. Given the time involved in. Such phreaking hackers include: Steve Wozniak and Steve Jobs, future founders of Apple Computers. In 1978, two hackers from Chicago to start a computer bulletin board computers, creating the first virtual meeting place for the growing hacker community, where members can advise, stolen credit card numbers and other information, go to the or coming out of Their hacking activities to share. The publicity given to the Packers in 1983 somewhat war video games, in part, with the new price of computers and the world increasingly online, partly stimulated by the presence (ARPANET during this time, becoming Internet) , Shyvhk team rises again in the 1980s. 's. 414 of the first bands to arrest and punish by law for cybercrime, including illegal access to computer systems at the Los Alamos National Laboratory, which is developing a nuclear weapon, breaking into the system Sloan Kettering Cancer Center in New York, 0.414 is not alone in the new world of hacker crime. "Legion of Doom" and "Masters of Deception" one to two leading, rival hacker gangs were born in the 80s. In response to the increasing number of crimes related to the hackers, the government of the United States 1984 made it a crime to gain unauthorized access to computer systems.

But it does not stop hackers breaking into computer systems. In 1988, the world witnessed the first act of a new type of Internet worm hacker inadvertently spread by its author, Robert Morris Cornell University. Morris has been identified, a fine of $ 10,000 and sentenced to three years probation. In the late 80s the first state visit to the hacker.

Group Project on Hacking

11

Several members of the band West German hackers, "Chaos Computer Club" steal information stored electronically and sell it to the United States to the Soviet KGB. In the 1990s an activity of hackers increasingly asks the U.S. government to conduct surprise raids on suspected hackers clothing locations in 14 cities across the country ("Operation Sun Devil"). Although arrests have been made and many in the hacker community turn for safety, pirate activity continues. Another trick is over guys pranksters behavior or mass retailers. Hackers have turned their talents to a much larger journey. In 1995, two Russian hackers have stolen $ 10 million Citibank. In response to the serious hacker activity, like this one, in 1998, the National Information Center of the United States, infrastructure protection, designed to protect telecommunications, transport and technological systems from hacker attacks curtain. In the new millennium, hacking activities once largely confined to the U.S. and Western Europe is a global phenomenon. The severity of the crimes committed by hackers again increases. Design hackers "denial of service" companies fell hackers network as Yahoo, eBay, Amazon, and others, that cost millions of dollars in lost business. Power and the spread of malicious viruses continues to grow, culminating in May 2000 with the virus of "I Love You", it is estimated that the global economy nearly $ 9 billion, most harmful viruses, hackers created to date cost (CIS 2002). As history shows, the "hack" refers to various activities. This includes, for example, password cracking, mail bombing "logic bomb" denial of service attacks, viruses and worms writing and publishing, visualization is limited to electronically stored information belonging to others, URL redirection, unadulterated web site, or any other behavior that involves accessing a computer system without proper authorization. Moreover, although in most cases limited to hacking, does not have to be, and can be increased to fraudulent activities related to the phone (e.g., tricking the phone to allow long distance calls, the

Group Project on Hacking

12

The term "phreaking"), credit cards (e.g., a toy to "steal" code stored in magnetic credit cards, and copy to others), subway passes (e.g., adultery happens or approve reader allows unlimited free travel), parking meters (m fraud allows unlimited free parking, parking meters) and almost every other electronic components. We limit our analysis mainly for hacking computers, but the basic principles are clear to us may also be applied to other forms of piracy. Some hackers called many of the above activities "piracy" and lead to "hackers." In these circumstances, they insist, must be harmless (and often illegal) activities of computer enthusiasts that the system is a break, take a look around to learn how things work and leave everything intact. According to this view, the "cracker" to destructive behaviors "Leave" listed above, which are incorporated regularly hacked harmless. While we know the difference, however, choose to refer exclusively to the discussion of the pirates and the community.

Group Project on Hacking

13

3. Good Hackers While piracy psychology is still in its early stages, the preliminary investigation appears to be some consensus about what motivates hackers are hacking. Individual hackers and hacker groups in large underground networks composed of social work or similar community. It is based on the best empirical work that examines the pirate mind is based primarily on interviews and surveys the underground community members. Briefly summarize some of the latest findings in the literature following small. It seems that many hackers to "kick scientists generally false or misleading impression to others about their reasons for piracy (Platt , 1997 : 53 ) .4 However, this fact should be noted that the results of research aimed to identify motivated hackers . However, the best information we have so far, so we have to use it unless it avoids the problem of empirical research altogether.

Current and complete information about the population of hackers, motivation, lifestyle, etc. are collected by Shell et al (2002). There e) the presence in July 2000. These agreements include the Convention on the DEFCON 8 H2K the New York Convention in Las Vegas. Besides managing the anonymous survey, the researchers randomly assigned some hackers in depth issues (again anonymous) hackers agreed to do the interview.

The total size of the hacker community is uncertain, though many accounts, is relatively small. According to Sterling, Some professional informants have estimated the Hacker population size as high as fifty thousand. However," this is likely to be highly inflated. 'S. 'S.de others showing that the population of male hackers, only 9 percent of those surveyed by Shell et al (2000), women (see, e.g., Taylor 1999, Gilboa 1996). thus consistent with older findings, most hackers were younger than 30 years, the average age of about 27 years, an average of 24 and 25 (i.e., SRI 1994).

Group Project on Hacking

14

The motivation for piracy vary, but an important part of harmless hackers stated reasons for his behavior. 36 percent said they cut the "advanced networking capabilities and PC software", 34 percent say they hack "to solve puzzles and challenges," and 5 percent said they hacked into "the community a better place to live. If we are to believe the numbers, the vast majority of hackers are harmless. True, unauthorized access to computer systems, which represent a potential security threat. But they themselves will not cause damage. However, to the extent that they share with other members of the security holes that are indirectly responsible for the hacker community of computer users at risk, but it is unclear to what extent the "good" job of hackers.

The good part of the population that hackers are the services of questionable value for non-computer users. Some of the discovered security holes hackers, programmers and system operators of computer systems that are security weaknesses. This information can then be used to patch holes or strengthen vulnerabilities, preventing intrusion by less benevolent hackers. However, we suspect that we recommended here by hackers (and hacked) is spam. So should have been corrected. Although in a sense, because it's better you play, other means can be justified in their anger. Unfortunately, good data on the proportion of benevolent hackers in this way are not available. Complicating matters is the fact that good hackers are good hackers are much more robust than other operators and system programmers who are vulnerable to their advice. Some hackers are well aware of the threat to security weaknesses release holes unless they have found to correct the problem.

Group Project on Hacking

15

Good hackers seem to be the most difficult to treat because their human "basic" needs and not motivated by money or fame. Fortunately, because they are the weakest and probably responsible for at least a threat of harm to people and businesses in the community of hackers community. We lose relatively little at least in terms of felt the cost of this lack of understanding. Much more important from a security perspective are evil people who do hackers to gain knowledge of such acts for the benefit of personal profit.

4. Bad Hackers: Hacking for Notoriety Research by Shell et al (2000) show that only 11 percent of respondents with evil motives. However, a small percentage of bad hackers may be important to consider them, they are responsible for the full cost of the damage caused by hackers every year. It is hard to say what it is, but it is clearly contrary to the other review motivated hackers. Fame and recognition of partner ranks among the main motivations cited by security experts and hackers alike hackers, hackers and other discussions on psychology (see, for example, Zoetermeer 1999, Blake 1994, Stirling 1991; Hannemyr 1999, Platt, 1997, Thomas 2002; Verton 2002) 0.7

As Dnyng, noted that "the stereotypical image of a hacker who is socially incompetent, and stop supporting people's computers, hackers are, the more likely it is that the social aspect. They love interact with other people on message boards, full email, and in person. They share stories, gossip, opinions, and information; work on projects together; teach younger hackers; and get together for conferences and socializing (1992: 60). From bigger, stronger, more destructive, or creators new hack his notoriety among members of Metro community.8 the password hacker can abuse among members of the

Group Project on Hacking

16

community in a number of ways to spreads. First, hackers could be by word of mouth to spread, reproduce fellow hackers or other replicates the rival gang members and others. Second, hackers may be responsible for hacking websites, bulletin boards or lists as "BugTraq," 9 "rootshell", "Summary Risk Profile" and "VulnWatch email hacker." With other members of the community for these people to eat.

Anonymity preserving its nickname chosen by the authorities.10 hackers tend to be more memorable and impressive, for example, "Dark Dante" (aka Kevin Poulsen), "Captain ZAP" (aka Ian Murphy), "Nocturne" (leading member of the group hacker Cult of Dead Cows), etc.a factor that aids hackers ability to generate notoriety within the community when they post new information. The same is true of names selected by hacking gangs, for example, World of Hell, Bad Ass Mother F*ckers, Circle of Death, Farmers of Doom, and so on. 11 The fame-based motivation of many bad hackers helps to explain why profane, absurd and overstated gang names and handles pervade the hacking underground. Hackers and hacker groups are creating their own celebrity status can also go for Mods Hkrhara in the community setting. For example, two of the most famous hacker groups history of piracy, the Legion of Doom and Masters of Deception, by virtue of a process in which a group of hackers and after a lot of comics based on the characters. Similarly, the band 414 - one of the first bands of hackers raided by the authorities marked tendency to create categories based on numbers (Shell et al 2000: 58). Underground world of computer hackers has its own media outreach publish books related to hacking, newspapers and magazines and zines. Some examples of the latter in 2600: Hacker Quarterly Magazine, Black Hacker, Computer Underground Digest, Phrack Magazine, tick Journal piracy Hack academy Journal,

Group Project on Hacking

17

Hacker chair, piracy, smugglers, and the binary Magazine to name a few. Within these media, hackers published How to" articles (for example, how to cheat Zdndstgah ATM) and new information to share from the last meeting is taking advantage of their hacks. Books and articles published under highly publicized hacker access the author of a large audience and meet some of the hackers as "better" in your area, increasing within the community. One of the biggest problems - Phrack, but includes a section called "pro edge" in which famous hackers, retired legends, or rising stars in the hacking community are profiled and interviewed for readers, with special highlights on their biographies and most impressive hacks. In this way, outlets like Phrack served as the means to legitimate hackers for the underground . . . presenting them as celebrated heroes to the readers that made up the underground (Thomas 2002: 140).

The fame through these channels has its advantages for hackers who can produce underground fame on additional digital access only be shared within the group. As a hacker, put it: "It was very important to recognize, for example, when recognized, will have access to more so Many people rush for fame and whoevers hacked.' ... is an informative article on a magazine (e.g., Phrack, NIA, etc.) may be admitted to the bulletin boards.

Such was the case, for example, Captain Crunch, whose name is forever linked to the operation of the phreaking great discovery has led, among other things, another major hacker publications -2600 - named after its discovery.

"Condor" also known as Kevin Mitnick, the hacker underground and in the same star status as a cult itself. His photographs and stories have appeared in newspapers and

Group Project on Hacking

18

magazines around the country and Mitnick, told his story on TV 60 minutes. In addition to serving as the basis for numerous books, Mitnick hacked helped inspire the term "Cyberpunk" in popular culture, famous in part Mitnick pointed to by writers / journalists Kathy and John Hafnr Markov (1991) 13 was used in the last Mitnick arrest in 1995 by a group of his followers, the hacker community has protested the trial in late 1990. The group of hackers who called themselves a band called "Hacking for Girlies was organized," New York Times web page cannot load and delete a message, Mitnick guilty to all readers.

Select hackers to gain their fame among the "elites" underground worms. These people are usually leaders of the band as "Lax Luther" (former head of the Legion of Doom), or "Phiber Optik" (former master of deceit) that even the New York Magazine as one of the cities "was proclaimed smarter 100 personas.se used.

Most hackers, however, did not reach the level of fame simply download pre-built data and programs as "Trin00", "Tribe Flood Network" or "Stacheldraht" prepared by the best hackers use to attack systems.14 The "script kiddies", Elmas by elite hackers. It requires some skill to hit piracy Amazon.com, for example, "Mafia boy," some code hacking ANTICS 15 year cost of $ 1.7 billion in the largest Internet retailers in February 2000 showed.

The most famous hackers driven explicitly avoid monetary gain to hacking as part of his work reckless and Profile such entities as subordinating the creative skills of the hacker to the greedy corporate world.

Group Project on Hacking

19

4.1

The Economics of Fame-Driven Hacking Drives based on the reputation that many hackers have specific implications for this part of the market "hacker" looks. "Coin of the realm" for hacking driven fame, of course, fame. How can we model this "market" because traditional markets where money drives the production and prices adjust to balance different providers and Fame-driven hacking "the market" in terms of quantifying the relationship between reputation and hacks? The map of "supply and demand (as discussed below, the demand in the conventional sense) fame / hacked space.

On the one hand, the "market" is known producers who want to cut. Hackers plan to launch the normal positive slope. When you have to get a little fame by hacking, they are less willing to offer. The position of the supply curve, is determined primarily by the cost of piracy. Average hackers hacking initial fixed costs, which in most cases is reduced to a computer, a phone line (or cable) modem and a face. Variable costs, electricity costs are composed primarily of hackers. Another factor determining the position of the supply curve is the number of hackers in the industry. This population is significantly limited the number of people seeking fame in the hacker underground (his sister, for example, might be able to hack, but they tend to be very popular among hackers, etc.) is relatively small. The population of people who wish to enter the "Hall of Fame Hacker", which ends up limiting factor that determines the position of the supply curve of hacking. The other side of this uncommon common sense "market" is that it. Launch hack hacked hackers happier when the rest of the community. The access version security value of the company, for instance, has been compromised, or may serve as

Group Project on Hacking

20

indirect hacker attacks to see their political objectives In the fame-driven case the hacking community does not pay for more hacking with a higher price. The producers of hacks do not seek money and, as we noted previously, often explicitly reject monetary reward. They seek fame. This, in conjunction with the fact other members of the hacking community value additional hacking, leads them to cheer more, so to speak, when additional hacking occurs. Additional cheering is translated into additional fame for the suppliers of hacks. Rather than demanding the output of suppliers in the usual sense, the other side of the fame-driven hacker market consists of individuals (the hacking community) who respond to the supply of hacking with greater or lesser applause. In the language of economists, the hacking community has a reaction function, which specifies how this community reacts with fame to various quantities of hacking that are supplied by hackers. More hacking is rewarded with more applause and less with less applause. The hacking communitys reaction function is therefore positively sloped like the supply of hacking itself. The interaction of the supply curve for hacking and the hacking communitys reaction function creates two possibilities, depicted in Figure 1 and Figure 2.

Group Project on Hacking

21

In Figure 1 hackers supply curve is less elastic than the hacking communitys fame reaction function. In Figure 2 the reverse is true. This means that in Figure 1 the producers of hacks are more responsive (sensitive) to changes in fame than the community of reacting hackers, and in Figure 2 the community of reacting hackers is more responsive to changes in fame than are producers of hacks. These two possibilities have very different (and in fact, contradictory) implications for policy aimed at reducing the quantity of hacking in the fame-driven hacking industry. It is therefore very important to carefully consider the impact of existing policy in each case and, if possible, identify which case is more likely to prevail. We address these issues in Section 6.

5. Greedy Hackers: Hacking for Profit The third class of hackers hacking activities are driven by the profit potential. The Packers have nothing to do with the reputation of dollars and can be both pool hacker is good or bad. The Packers are a good group to work or set up computer security companies. In 2001, $

Group Project on Hacking

22

1.8 billion industry in the United States alone (Wing field 2002), respectively. Some security experts employed or running the company reformed hackers

Some examples of this are already gone, Com sec Data Security, former members of the Legion of Doom function by four and put the security office of Mark Abene (aka Phiber Optik) former leader of the Masters of Deception. Provision, called Crunch box and Ian Murphy (also known as Captain ZAP) implemented IAM Secure Data Systems Inc.17

Out of mistrust, many companies are reluctant to hire reformed hackers to improve security. Ultimately, responsible and went bankrupt because of Comsec. Big companies like American Express, Dun and Bradstreet and Monsanto hired so-called "tiger teams" to test your system for vulnerabilities in (Roush 1995: 6).

The markets for good and bad hackers seeking profit motive is introduced. Because the money supply and demand balance hack price / value of the price of traditional suppliers. Both markets are the sloping supply curves and demand curves have negative slope. In both cases, hackers hacked a larger amount if they are paid more, and less, if they are paid less. Similarly, both criminal and legitimate Nothing. This can be good or bad from the point of view of security. Although piracy trick to gain profit is bad, the winner ahead of safety. Several hackers, bad endogenous and foreign collectors. However, if evil Profit Hacking is more profitable, the opposite is true. Growing pirate threat supply the best and brightest hackers to gain employment in the dark.

6. Policy Implications

Group Project on Hacking

23

In essence, this law only applies to government computers, but it was later expanded to include any team participating in trade for extortion interstate Estado due to damage to a protected computer (Raysman and Brown 2000).

Most violations of the law can be fined up to five years in prison and $ 250,000 for the first offense and up to ten years in prison and a $ 500,000 fine for the second offense will result. Any violation of this rule leads to the death of at least six months. Abuse Act Computer Fraud and also allows any person who has suffered damage as

Therefore, the violation of civil charges against the offender for damages. Moreover, since some hacks involving violation of copyright, Copyright Act Digital Millennium to punish those who try to disable the encryption system used to protect copyright. In short, hackers, criminal law, good or bad, with heavy fines and imprisonment. It is hoped that through this punishment, hackers hack. Analyze what I can say about this policy?

6.1 Policy and Profit-Driven Hacking In the case of profit-driven hackers, present policy achieves its desired end. By increasing the cost of bad for-profit hacking through making this behavior criminal, current policy reduces the supply of bad for-profit hacking. The effect of this legislation is two-fold. First, it raises the equilibrium wage of producers who remain in the bad for-profit hacking industry, and second it reduces the quantity of bad for-profit hacking supplied. These effects of current legislation are depicted in Figure 3.

Group Project on Hacking

24

The current policy of the Mass hacking for profit effectively reduce the piracy, this is all what politics cannot do this. As mentioned above, the rate of return relative to a hacker as a bad job, a good income to determine which of the top markets for the benefit of hackers generally get hacking for profit. As we both have a positive effect on security. First, it reduces the number of hackers, bad for profits and, second, that employ a "side" in the battle against evil hackers. One way to look fairly good profit piracy more attractive to hackers hacking for profit, to raise money for the benefit of the poor , who carry out the law of prohibition of the activity . Another good way to increase the competitiveness of hacking for profit, however, to rise up against his back in the bad hacking for profit. To do this, the government can fine industry workers and companies to profit from piracy through direct transfer or through tax breaks and other subsidies, preferential treatment, leading to increased revenue in this industry. The effects of this policy is shown in Figure 4.

Group Project on Hacking

25

6.2 Policy and Fame-Driven Hacking Although current legislation is appropriate for profit-driven hacking, it may not be effective in reducing the quantity of hacking for fame-driven hackers. Recall from Section 4 that the fame-driven hacking industry may look one of two ways. In the first case the supply schedule for hacking is less elastic than the fame reaction function for hacking, and in the second case the opposite is true. We also noted in Section 4 that these differing cases have contradictory implications for the effectiveness of present policy. To see why this is so, consider Figures 5 and

Group Project on Hacking

26

As a non-profit hacking, piracy is punishable current law, which usually increases the cost of hacking activities driven reputation too. This results in the release hack in Figures 5 and 6 present the demons of the left SHIFT S'H demonstrated S '' H. The uneven impact of this policy in all cases in which a high note. Figure 5, where the heck is less elastic supply reaction function of the fame of the hacker community , politics affects the stability drops to hack the Q'H Q '' H. When supply is more elastic than the hack hacking backlash from the community, however, is true. Figure 6 a perverse effect on politics. Increases the cost of the anti - piracy that led directly to the compromised more, not less. In particular, the increase in the amount of HK Q '' H - Q'H a. Perhaps surprisingly, stiffer penalties for piracy imposed by law, to further enhance the reputation driven hack. In light of the contradictory effects of the policy in each of these cases, the question arises: which of them is likely to be a real industry reputation based on characters trick? The elasticity of supply known as hackers ' ability to meet the growing demand additional depends heavily hacked hacking. Since the marginal cost of piracy is positive and increases with additional output, it is reasonable the hack is fairly inelastic, at least in an output range.

Group Project on Hacking

27

In contrast, Heck reputation, it seems quite elastic. The logic here is simple. The final cost of fame is very low, if not zero, the hacker community. Unlike the loss of money , which included victimize successive major options such as increasing the price paid , provided that the celebrity is essentially no cost. Increasing fame hack The "pay a heck of a lot cheaper. Their person and power "(2002: 114). Whilst it is possible to develop a number of celebrities, fame, winning the negative sum game. This means that the hacker known by others members of their community grants is relatively sensitive to changes in the supply of hacking. Tender a perverse effect.

These policies are subject to change in response to the hacking community right-toleft instead of moving the supply curve. At least some of the actions that can be taken in this direction there. Unfortunately, towards the end of the flagrant violations of basic civil liberties that many will disagree. For example, we have discussed above, one of the ways that the hacker community has established a reputation for innovative hackers published in magazines and books. Hackers hack to the reputation of the publication ban does not, but is likely to be forced to find ways of encouraging more costly to hackers and fame. It can work against the public bulletin boards and mailing lists has been hacked. Hackers forbid hackers programs, tips, etc., is more expensive for the hacker community known for its awards, innovative hackers. Again, the obvious reasons, well, the process is like it is hated. However, they can remain effective tool for reducing the amount of piracy celebrity driven

7. Conclusion While computer hackers constitutes a major security concern for individuals, businesses and public institutions across the globe, hacking and hackers underground culture remains

Group Project on Hacking

28

much of a black box for both lawmakers and those vulnerable to hacker attacks. The mystery that surrounds much of hacking prevents us from arriving at definitive solutions to the security problem it poses; but our analysis provides at least tentative insights for dealing with this problem. Analyzing computer hacking through the lens of economics gives rise to several suggestions in this vein. First, it is critical to recognize that are different kinds of hackers characterized by disparate motivations. Because of this, the most effective method of Reducing the risk posed by hackers in general will tailor legislation in such a way as to target different classes of hackers differentially. We looked at fame-driven and profitdriven hackers and showed how punishment appropriate for one may actually worsen the problem generated by the other. Current policy directed at reducing hacking by affecting the supply side effectively reduces the quantity of bad profit-driven hacking. Fortunately, there are also good reasons to think that this policy effectively reduces the quantity of fame-driven hacking. If, however, there were strong reasons to think that the elasticities characterized in Figure 6 prevailed over those in Figure 5, supply management that raises the cost of hacking would exacerbate instead of reduce the quantity of fame-driven hacking. We have suggested why we believe this is unlikely to be the case. Still, because of its contradictory policy implications it is important to investigate this issue further. Our analysis has only touched upon the many and complicated issues regarding computer hacking. In particular, we have not given adequate attention to good hackers who are driven neither by fame nor money,but who voluntarily report security weaknesses to vulnerable computer operators. While the behavior of these hackers is still illegal, it may play an important role in helping to prevent the attacks of more malicious hackers. We have also not paid sufficient attention to the potential impact that tailoring hacking-related punishments to the age group of the perpetrator may hold for reducing the

Group Project on Hacking

29

security threat posed by computer hackers. We noted that most hackers are relatively youngunder the age of 30. While this demographic generally cuts across fame-driven and profit-driven hacking groups, there is some evidence suggesting that a disproportionate number of profit-driven hackers are above this age threshold. The different ages of the individuals in these two different groups suggests that punishments designed to hit each age group where it hurts will be more effective in reducing hacking than a one-size-fits-all approach that may deter the members of one group who are older, but do little to deter the other class of hackers who are younger. In other words, we may want to punish fame-driven hacking, where hackers are younger, with one kind of punishment that deters younger individuals, and punish bad profit-driven hacking, where hackers are older, with another kind of punishment. This seems relatively simple and yet to our knowledge has not yet been addressed in policy discussions. Presumably 14 year-old script kiddies and 50 year-old men value different things, so effective deterrence will mean differential punishments. If even after considering these issues it is decided that a uniform punishment for all types of hacking (fame or profit-driven) is desirable, it will still be wise in developing legislation for dealing with hackers to take into consideration the fact that it will inevitably apply primarily to young men. This suggests that effective punishment might be unconventional even if it is uniform across types of hacking. We leave issues like these for future research.

Reference

www.google.com: some Informations have been taken from google search engine Wikipedia: This website helped a lot in completion of this project some general knowledge taken from Wikipedia and implemented in the project