Ankit Fadia Torn Apart July 11, 2008 TAUFEEQ ELAHI

www.taufeeq.com 00.92.322.528.3199 [email protected]

Apart from media, printed press has played a very important role in the way hacker subculture has been portrayed to common people. There have been lots of book out by several authors who claim to know much about hackers. One of the greatest titles of our time is "An unofficial guide to Ethical Hacking" by Delhi native young lad, Ankit Fadia. I had both heard and read about him until I finally got hold of his book published by Macmillan. This book claimed quite a bit of green stuff as well as fame for him in the international market. As this book claims to be a representative of Ethical Hackers and how they work, and has been propagated throughout the world, leaving its marks on millions of mind, I would like to comment on it. The book starts with New York Times' press release saving: Scared of Hackers? Indian teenager offers help. (The New York Times) The New York Times questions the readers if they are scared of Hackers and lad is there to offer help. New York Times seems to be confused about what they knew the real meaning of a hacker, they would have never used the instead they would used the word 'cracker'. This is of course nothing new that the press confuse two very distinct entities together. that an Indian a hacker is. If word 'hacker', the media and

Ankit is a young computer genius who seems to be looking at the world of hacking with his own prospective. He seems to understand the difference between a hacker and a cracker in the opening of his book, and also seems to know that the media never portrays a 'hacker' in the right way. He understands that the media is responsible for the exploitation of real hackers. Then something weird happens and he totally changes the whole scenario. Here is the definition of hacker by Ankit Fadia. "...by using their knowledge in a constructive manner they help organizations to secure documents and company secrets, help the government to protect national documents of strategic importance..." For him, use their it seems that hackers are people 'employed' by big corporations and then knowledge about computers to save important information on critical server

machines, and especially company secrets last chapters, I have already and codes of corporations that they by which they exploit the end user. are CEO's soul mates.

as he calls it. From the example of Skala that I mentioned in the explained that hackers break open the secrets use to confine information and truth, their trade secrets But our Indian lad seems to have an idea that hackers

Fadia bitterly fails to realize the actual status of a true hacker. For me, I consider him as yet another security guy. A person with adequate knowledge of digital systems and nothing more. He's just like a person who has done a computer security certification ...say a Cisco Certified Security Professional. He is a person fighting against so called computer crime, and working for the main stream society. This is indicated by his statement that : "A cracker gains popularity only amongst a small part of the population that is the underground world. An ethical hacker, however gains popularity amongst a large section of society, and believe me, a hacker who is popular among the normal people is also envied and respected by crackers." He seems to be delighted by the fame and respect he is getting from the main stream society, and for the most of all, he mentions 'normal people' in the above text. This means that he considers all others involved in the computer underworld as abnormal people. Here my concern or point is not to prove who is normal and who is abnormal, but the point that he thinks that an ethical hacker exists in 'normal' people... that is the main-stream society, and I am afraid he is wrong. To be a hacker, you have to have a life of a hacker, and be a part of this great sub-culture. He seems to be inspired by people who have spent 18 hours a day in front of their computer screens and amassed billions. He writes: "...let me give you a living example which will surely point you in the right direction and help you choose between a cracker and a hacker." And then he continues to admire Bill Gates who he thinks was a true hacker when he young. He continues: However, they were wise and are today in a position which most of us dream to be in. Well, again it seems that he loves the knowledge of computers because it can buy you a CEOs chair, fame and a few billion dollars. For me this is a horrible description of hacker or their code of conduct. Bill Gates is considered as a renegade, a person who betrayed the subculture for the sake of money, stole codes and sold the buggy stuff to the world. He is the most hated guy in the hacker sub culture, and Mr. Fadia gives his readers this very mans example. He insists that : "...I assure you, you will definitely become famous and would probably be sitting on a pot of gold."

Hackers would never spoil their mind and eyesight in front of a computer screen if it was just about money and fame. Doing any business can get you more money then writing a lousy assembly code. His hero seems to be Bill Gate for he is a rich man today and seems to be less concerned with the buggy operation systems that Microsoft releases in the market. Surprisingly, he himself writes in his book that : ...you know why a hacker running windows is considered to be lame and why a hacker laughs whenever someone says Microsoft and security in the same sentence. Microsoft did no good to the computer industry, except providing a better graphical user interface that was easy to use for everyday computing. He himself declares that Microsoft and its operating systems are sick and lame, but throughout his book, he continues to present screen shots of the same buggy operating system, and on the last page he proudly displays his Most valuable Professional certificate by Microsoft that writes Microsoft and Security in the same line! And for that, he seems to be very glad. I do not see the basic concepts of Ethical Hacking anywhere in his work. There is not a single line that would talk about free-and-open information. He does not in any way understand that hacking is NOT a few techniques that he presents in his book but a tradition, and a full-fledged sub-culture. That has its own code of conduct, rules, and norms. He is a lad with computer knowledge working in the head office of Symantec Corporation and talks about a completely different world. A world in which he has never lived and never felt. It is like a person who has never been out of his hometown as talks about the surface of Mars and speculates great things about it. Respected newspapers like the Times of India call him the Ethical Hacker, without knowing anything about this subject and Mr. Fadia also seems to accept it with a big smile. If he is a hacker then any computer security professional can come forward and call himself the savior of the world and an ethical hacker because he can block a few ports on a Cisco router. At 18, Ankit Fadia is not just a super hacker but also a respected expert. (Indian Express) Even-one including I, appreciate that he knows a lot about computers at a young age, but there is a world of genius out there. According to the hacker ethics, age does not matter, as this fact is supported by the statistics that I have provided in the book about the average ages of members of the sub-culture. It clearly indicates that most of the members are young boys, so his age really does not impress me at all. The only difference that I see is a person making his appearance in the main-stream society with the help of India's biggest publisher. Hacking his way to fame, its what Times of India writes. In an other place he writes that : If this is not done soon then the crackers will get way ahead in the security race. He does not even understand that elements working against security are always one step

ahead of the security systems and that's why all security companies exist today. Without devil there is no angle, and without bad there can be no good. Now moving towards the contents of the book. The book does not tell you what Ethical Hacking is, but tells you the basic construct of operating systems, protocols and other basic stuff. He writes: ...security is a very dynamic field, with new loopholes, attacks and techniques being discovered every single day. This makes it very important for us to keep abreast with the latest development in the world of ethical hacking. Keeping this in mind, I decided to update this book to include the latest tools, techniques and methods. Definitely, he is right and if he continues to update his book, he will be releasing new editions of it every week. There is actually no point in the whole content of the book. Tips and techniques is something that quickly gets outdated. I do not see any big problem in connecting to the astalavista network on the Internet and finding new tools, exploits and techniques about everything you need. That too that has been released that very day. Instead Mr.Fadia presents his Tips and Tricks on "Windoze 95" and "Windoze 98". Computer exploits become almost useless in a few days after their release, and he on the other hand presents facts that were good 12 years ago! His best seller starts with telling the reader how to remove computer lithium battery from the CPU to get rid of your BIOS password. Under the title of Windows Hacking he tells us the ways to change the startup logo that reads as Windows 95 is starting and put your picture or the picture of your neighbor in there. Then he tells us how to go to options in the Internet explorer and clear the history. Finally he tells us how to name your start button Ankit instead of Start, a few more tweaks in windows, changes to desktop settings, screen savers and all the useless items windows has to offer. In this chapter on Windows Hacking one practically learns how to make this funny operating system even funnier. I do not see how changing your screen saver settings can make you an Ethical Hacker. In the next chapters he introduces telnet, IP, ports, sockets, ping, ftp, port 80, port scanner and ways to remove banners from geocities free hosting! To make the volume fatter, he includes codes in Perl, C++ and Java on scores of pages. I do not see any reason why a person should type a 50-page code again with his keyboard when everything you need in whatever language you want is available on websites like planetsourcecode.com that ranges from DB softwares to viruses. It is therefore not amazing that he has written a 600 page book because more than half of it is other peoples C++ and Java codes. Hackers think that the wheel must not be reinvented again but he does not seem to agree. He gives you the C++ code for a port scanner, as if no good port scanner was available on the Internet. I have no idea how agencies like digit can give such comments: This book is aimed at providing you all the info you even wanted about hacking and how hackers work, but didn't know where to look. The book looks at topics such as Hacking

Windows, Cracking Passwords, Hacking Concepts and a whole lot more. (Digit) And then Fabmart waiting : Who ! This book is a 610 page encyclopedia of information on computer security. (Fabmart) I, being a person who hardly remembers the last time I booted my system on Windoze, see the contents as total bogus. In the very beginning I wrote that I wall not teach you how to hack, but how to be a hacker. Where as this Stanford Computer Science student seems to promote the idea that Its important to hack than to he a hacker. And wants to prove that a person who can connect to your system through telnet is a hacker. I have already mentioned it in the first chapter that its like you becoming a mathematician after adding 2+2! Or maybe in Ankit Fadia's view, you might become an Ethical Mathematician in someway. In a nut shell, this book, and all others, that present old buggy codes and techniques on how to break open windows are sold just because people dont want to use Google.