 |
| . |
|
Navigation |
| Research |
| Marketing |
| Communities |
| Net Tools |
| Security |
| Seminars |
| Our Services |
| Search |
| . |
| Bookstore |
|
Check out our bookstore, operated with our associate, Amazon.com: |
 |
Net Q & A
Question of the Month: June 2000
What are "script kiddies?"
Answer
Young, unskilled computer hackers who use scripts or simple programs written by others. The preferred spelling is "skript kiddies."
People tend to assume all hackers are like the type that is most frequently reported in the news. The papers recently reported on a 19 year old from
Washington state that fit the stereotype perfectly: he was having trouble with his girlfriend, and his way of dealing with this was breaking into WWW servers to write public messages about her.There are two types of hackers that may very well be more dangerous, but
don't fit very well into popular stereotypes:* Skript kiddies are one. Today you don't have to know very much about computers at all to be a
hacker. Dumbed-down hacking tools are readily available.* At the other end of the scale, we have professional hackers. They
tend to be older, more concerned with material gain, and because they know more and don't frequently make the idiotic mistakes of the other two types.The skript kiddies are dangerous just because there are so many of them,
but the pros are the ones I worry most about, especially on e-mail interception. They can use sniffers installed on or near e-mail servers to collect all e-mail to or from particular law firms known to be handling sensitive cases (M & A comes to mind). If so inclined, they can use customizable e-mail analysis software. Check out SRA, http://www.sra.com and their flagship product, Assentor, http://www.assentor.com. In an ironic example of chickens coming home to roost, this software was originally developed for use by U.S. intelligence agencies.Postscript: After I spoke about this in Washington, DC recently, someone associated
with Assentor came up afterward to complain that I had pointed out that their product could be used for analysis of illicitly intercepted e-mail. According to him, everyone who knew how to install the Assentor product was required to have a security clearance.I politely refrained from asking him if the company did security clearances on all their customers as well. I also refrained from asking him if all their security clearances were done by the same people who had done them for Aldrich Ames and the Walker brothers).
|
Send us your question. We'll select the best each month and answer it here. On request, questions will be edited to conceal the questioner's identity.
|
|
View Q & A Archives. |
This page last revised: January 01, 2002.