Debunking the Hacker Profiler (part 2)

Beginning on March 29, 1999, John Vranasevich began a series called 
"How To Be A Hacker Profiler". These 'special reports' are supposed 
to enlighten readers on how hackers operate, insight into hacker
culture, and more.

With 'news' or 'reports' like this, it is often diffictul to point out 
the errata contained in them like other articles because they lack
substantial fact. Instead of the regular unfounded accusations, misquoting,
or outright libel, the Errata staff is left with vague descriptions of
unclear events or more often, poorly written descriptions about what most of
us consider common sense.

For those of you in a professional field, you have no doubt at some point
run into someone that just didn't sit right with you. At first, you can't
quite put a finger on why you thought they were less than honest, or why
they screamed "i'm a fraud", but SOMETHING stuck with you and gave you
that feel. Well, here it is with us. We will try to express why these 
'special reports' are nothing more than regurgitated common sense wrapped
up in buzz words and old ideas.

Further, we will bring attention to some points in the reports that make
you wonder why Vranasevich resorted to such menial tactics in writing. Was
it the only way to get his point across? Or rather, was it for lack of
anything else solid to write?

As with other errata, we list his text in white, and our own comments in
red. We are not quoting the entire article as Vranasevich has a tendancy
to threaten lawsuits. 

You be the judge. How To Be A Hacker Profiler - Part II - Monday, April 26 1999 As before, I WELCOME comments, suggestions, and questions. This entire "Hacker Profiler" concept has been a long-term project for me, and I'm always interested in what ideas others have on the subject. [As we saw at the beginning and end of the last one, JP does not welcome comments from some people. :)] =-= A Rose By Any Other Name (How To Find A Hacker's True Identity) Well, the hacker spent a lot of time on IRC, but always went on from hacked accounts that originated in a different country every night. One night, the hacker left irc, with a quit message of "Off To Play Quake". [In the past six days, a single IRC channel I have been on has made 93 references to 'quake'. These have come from dozens of IPs, some in the form of away messages, others in general chat.] Granted, a lot of things fell into place with that one. But, I hope it is an example that clearly illustrates how even the smallest piece of "intelligence" can be used to reveal a lot about any given hacker. [Yet another example that does NOT illustrate the value or effectiveness of hacker profiling.] =-= A Fish Out Of Water (Looking Outside The Underground Element) What time do they usually come on irc? What time are most of their hacks perpetrated? What time of day is their website updated? When do they reply to their e-mail? Is there anything in the way they talk that can help? What type of political or religious beliefs do they have? [And these elements IF interpreted correctly become a small amount of circumstancial evidence at best. These 'methods' are so incredibly old it is hard to believe JP could think otherwise.] =-= Ready, Aim, FIRE (Everyone Has Enemies, Especially In The Underground) Try this little experiment. Go to (a search engine run by antionline that archives security and underground related sites). [AntiSearch is what? The following URL shows that his engine is severely lacking, and far from comprehensive. Oh, don't mind the part about JP violating Attrition copyright repeatedly. :) /errata/charlatan/negation/www/ao.015.html Let's go back to IRC for a moment. We at AntiOnline have things called "bots", or programs that go on IRC to gather information for us. We got access to accounts on several different systems to place these bots on, so that the hackers don't realize that they're ours. [Or they do, and watch what they say in front of it. Either way, you feared government snooping before.. forget Big Brother and begin to question Big JP.]