MurdocX
11-04-2010, 07:08 PM
Lately I've been seeing a lot of players threaten to "hack" me unless I give them something or bend to their will. I know a lot of players who get paranoid about this and can cave under the pressure, so I'm making this to clarify some things.
1. HACKING is not a term real hackers use, it's like Chuck Norris flattering himself with a Chuck Norris joke, just doesn't work that way. Most hackers will refer to themselves in a number of ways, most usually Black Hatter.
2. Even real hackers arn't as you'd imagine. They don't have magical programs with awesome buttons that can "hack" for them and people who use programs to help them along the way are known as "Script Kiddies" and they usually don't know what they're doing entirely.
3. Even top notch "hackers" can't grab any information they want on a fingers notice. I'll put things into perspective to explain things a bit better. Account information is held on servers STS personally chose. Aside from PL not showing the IP of the server it's contacting while logging in, it would be a pain in the *** to try and find it. Even if someone manages to get the server IP, I would assume most would attempt to SQL inject the server if possible. On the 1/100 chance that the server has a SQL Injection vulnerability, the process to find specific information is a very long guessing game. Then assuming they managed to find your information, the information isn't kept in an organised text file with all the account information of everyone on PL. It will be encrypted. On top of the fact that it's super super super unlikely they found the information that easily, they would have to spend hours finding what encryption it is. Most of the time it is MD5 Hash which is never fun to decrypt, to top it off it's way more likely it's a closed source encryption method, and in THAT case, unless the person doing the job is an arithmetic encryption specialist, it's very unlikely they can decrypt it to read what's inside.
So all in all, it's like finding a needle in a feild of hay, in the pitch black darkness, with a lazer pointer as your only light source.
4. HOW TO FEND THEM OFF!
Your best bet is to bluff right back. Most of the time it will work if you say something along the lines of "Oh really now, mr.haxor. So explain to me the process of "hacking", good sir." Then they usually throw around a couple of terms they found on wikipedia like "Password Cracker" or something fancy sounding. Then most of the time that will leave you an opening to lie and own them. You can easily lie and say something like, "I'm an IT Director and I can tell that you're talking about things way beyond your knowledge and capabilities. Don't BS me." Then they usually stay silent and that leaves room to troll the fail troller! Like "Exactly, shut it." or something to finish off your epic win.
And no I'm not a black hatter (term that hackers use, it means an illegal hacker. An Antonym some people use is a White Hatter which is usually people like an IT Department who protect against hackers). I've been on both sides of the table of good and bad and I can tell you that "Hacking" is never a full proof method. It really is just a guessing game on top of luck more than anything.
1. HACKING is not a term real hackers use, it's like Chuck Norris flattering himself with a Chuck Norris joke, just doesn't work that way. Most hackers will refer to themselves in a number of ways, most usually Black Hatter.
2. Even real hackers arn't as you'd imagine. They don't have magical programs with awesome buttons that can "hack" for them and people who use programs to help them along the way are known as "Script Kiddies" and they usually don't know what they're doing entirely.
3. Even top notch "hackers" can't grab any information they want on a fingers notice. I'll put things into perspective to explain things a bit better. Account information is held on servers STS personally chose. Aside from PL not showing the IP of the server it's contacting while logging in, it would be a pain in the *** to try and find it. Even if someone manages to get the server IP, I would assume most would attempt to SQL inject the server if possible. On the 1/100 chance that the server has a SQL Injection vulnerability, the process to find specific information is a very long guessing game. Then assuming they managed to find your information, the information isn't kept in an organised text file with all the account information of everyone on PL. It will be encrypted. On top of the fact that it's super super super unlikely they found the information that easily, they would have to spend hours finding what encryption it is. Most of the time it is MD5 Hash which is never fun to decrypt, to top it off it's way more likely it's a closed source encryption method, and in THAT case, unless the person doing the job is an arithmetic encryption specialist, it's very unlikely they can decrypt it to read what's inside.
So all in all, it's like finding a needle in a feild of hay, in the pitch black darkness, with a lazer pointer as your only light source.
4. HOW TO FEND THEM OFF!
Your best bet is to bluff right back. Most of the time it will work if you say something along the lines of "Oh really now, mr.haxor. So explain to me the process of "hacking", good sir." Then they usually throw around a couple of terms they found on wikipedia like "Password Cracker" or something fancy sounding. Then most of the time that will leave you an opening to lie and own them. You can easily lie and say something like, "I'm an IT Director and I can tell that you're talking about things way beyond your knowledge and capabilities. Don't BS me." Then they usually stay silent and that leaves room to troll the fail troller! Like "Exactly, shut it." or something to finish off your epic win.
And no I'm not a black hatter (term that hackers use, it means an illegal hacker. An Antonym some people use is a White Hatter which is usually people like an IT Department who protect against hackers). I've been on both sides of the table of good and bad and I can tell you that "Hacking" is never a full proof method. It really is just a guessing game on top of luck more than anything.