[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 27/09/14 18:51, Brad Rogers wrote: > On Sat, 27 Sep 2014 18:09:51 +0100 > Paul Sutton <zleap@xxxxxxxxx> wrote: > > Hello Paul, > >> Sure it may ruin their carers, but they also have responsibilities as >> parents, if they have failed and pay the price maybe the blame should >> lie with then, and not with everyone else which these people >> sometimes try and put it on. > > I totally agree. It may well have not been clear from my post though. > However, the main thrust of my post was that bad apple has to make a > tough decision. One that he's going to have to live with. It's only > he that can decide whether his conscience will let him place what he's > found out about this ne'er-do-well in the hands of the authorities. I > know I'd find it hard to make such a decision. > > It's a sad fact that what is Right, what is Moral, what is Legal and > what is Fair are rarely all the same thing. There can be large areas of > overlap with those things, I know. This is done. Somewhat restoring my faith in humanity, debased as it is, the charlie in question has good, caring parents. I was a silent partner on the phone call from hell, and they hit the ******* roof. Both pulled emergency leave, he's out of school and after a lot of soul searching and discussion, we're cutting this loose after two weeks of intensive activity. It's not like we can watch him forever. And we're getting old now. Vigilante action isn't what it used to be, and I sincerely regret getting involved in this in the first place. We all do. The parents are so on this I feel it's safe (?) to walk away now but so many nagging doubts remain. Did I do the right thing? Is it ok to break rules for the greater good? Who's watching us to make sure we only use our powers for 'good'? What's stopping me waking up tomorrow and going full 'evil'? It would definitely pay more. I was chatting on a certain Russian forum last night and was offered £5k in bitcoins to backdoor a specific blog site, which I know I can get into in 30 seconds (wordpress is a the gift that keeps giving). The recent bash and Xen vulns are just making things ridiculously easy at the moment. I absolutely don't need the money but a long unscratched itch has been making me think - during all the **** of the last couple of weeks the missus has pointed out that every now and then I've referred to myself as a hacker, rather than a sysadmin. That's rather optimistic, but now I was considerably younger I genuinely deserved that appellation. Now I'm old and lazy, I presumed all the kids would have naturally left me in the dust but as it happens I've realised that they're no more talented than we are, they just have a lot more free time. But they're many, many years too early to know all the tricks that we have picked up at the coalface after a work lifetime of firefighting. I terrified a junior DevOps guy we've got for a week earlier by demonstrating how to break into standard issue Windows (chntpw), Mac (single user mode escalate to root trick) and Linux (rescue mode and/or "init=/bin/bash") machines in just a minute or two. There's nothing about these attacks that is new or surprising but to the uninitiated it's like pure voodoo. That's kind of when I realised that I'm happiest breaking into other people's ****, instead of fixing people's ****. There will be some serious discussion ahead with She Who Must Be Obeyed but I'm seriously thinking about jacking in my relatively new sysadmin job, and going back to the uncertain world of contracting. Mainly because it turns out that reverse TCP stagers are a lot more interesting than fixing configured-by-morons CentOS machines. Basically I think I'm probably having my midlife crisis and just want my business card to say "L33T c00l ub3r HaXX0r" instead of "Systems Administrator". Perhaps I should just buy a sports car instead. Anyway, for the moment I remain a boring sysadmin and I'm putting the last couple of weeks unpleasantness behind me. I look forward to (hopefully) answering some normal, sane questions on list shortly. It feels like a while since Neil has broken something and I've told him how to fix it. Someone was asking about a hacked webserver - contact me off list. Even though I've obviously now got full control of my crappy live.com email address back, Microsoft are still hassling me with daily 2-factor auth reminders, Technet articles and general asking-for-money spam crap to the extent that I wonder if it was even worth it. Yours philosophically, resigned and undecided, bad apple -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq